Ivanti Releases Security Updates for Multiple Products
Updates address critical vulnerabilities in Cloud Services Application, Connect Secure, and Policy Secure
Summary
Updates address critical vulnerabilities in Cloud Services Application, Connect Secure, and Policy Secure
Affected platforms
The following platforms are known to be affected:
- Ivanti Cloud Services Application (CSA)
- Ivanti Connect Secure (ICS)
- Ivanti Policy Secure (IPS)
Threat details
Introduction
Ivanti has released security advisories addressing vulnerabilities in Cloud Services Application, Connect Secure, and Policy Secure.
Ivanti Cloud Services Appliance (CSA) is an internet-facing appliance that brokers communication between Ivanti endpoint management infrastructure and devices outside the corporate network, and is administered through a web console. Ivanti Connect Secure is an SSL VPN used for remote and mobile access to corporate resources; Ivanti Policy Secure is the companion network access control (NAC) product.
Vulnerability details
Security Advisory Ivanti Cloud Services Application (CSA)
- CVE-2024-11639 is an authentication bypass vulnerability in the admin web console of CSA before 5.0.3 with a CVSSv3 score of 10.0, which could allow a remote unauthenticated attacker to gain administrative access.
- CVE-2024-11772 is a command injection vulnerability in CSA before 5.0.3 with a CVSSv3 score of 9.1, which could allow a remote authenticated attacker with admin privileges to achieve remote code execution (RCE).
- CVE-2024-11773 is an SQL injection vulnerability in CSA before 5.0.3 with a CVSSv3 score of 9.1, which could allow a remote authenticated attacker with admin privileges to run arbitrary SQL statements.
Because CVE-2024-11639 grants exactly the administrative access that the other two CSA issues require, an unauthenticated attacker who can reach the admin console could chain them into unauthenticated RCE. Internet-exposed CSA admin consoles should therefore be treated as the highest priority.
December 2024 Security Advisory Ivanti Connect Secure (ICS) and Ivanti Policy Secure (IPS)
- CVE-2024-11633 is an argument injection vulnerability in Connect Secure before 22.7R2.4 with a CVSSv3 score of 9.1, which could allow a remote authenticated attacker with admin privileges to achieve RCE.
- CVE-2024-11634 is a command injection vulnerability in Connect Secure before 22.7R2.3 and Policy Secure before 22.7R1.2 with a CVSSv3 score of 9.1, which could allow a remote authenticated attacker with admin privileges to achieve RCE.
Remediation advice
Affected organisations are strongly encouraged to review Ivanti's December Security Update blog and the security advisories below and apply the relevant updates, prioritising any CSA instance whose admin console is reachable from the internet, since CVE-2024-11639 requires no authentication. Installed versions should be confirmed against the fixed versions listed in the advisories rather than assumed from patch schedules.
Remediation steps
Type | Step |
---|---|
Patch | Security Advisory Ivanti Cloud Services Application (CSA) (CVE-2024-11639, CVE-2024-11772, CVE-2024-11773): https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Cloud-Services-Application-CSA-CVE-2024-11639-CVE-2024-11772-CVE-2024-11773?language=en_US |
Patch | December 2024 Security Advisory Ivanti Connect Secure (ICS) and Ivanti Policy Secure (IPS) (Multiple CVEs): https://forums.ivanti.com/s/article/December-2024-Security-Advisory-Ivanti-Connect-Secure-ICS-and-Ivanti-Policy-Secure-IPS-Multiple-CVEs?language=en_US |
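The remediation step above is "apply the update", and the practical check is whether every CSA, ICS and IPS appliance in an estate is already at or above the fixed version. The script below is an added example written for this page, not Ivanti's code or a tool from the advisories. It parses Ivanti's two version formats (CSA `5.0.3`, ICS/IPS `22.7R2.4`, optionally followed by build details as shown in the appliance UI) and triages a constructed inventory. The fixed versions in `FIXED_VERSIONS` are an assumption taken from Ivanti's advisories linked above, not from this page; the inventory format and hostnames are constructed for the example.

```python
import re

# Fixed versions and the CVEs each closes. Assumption: taken from Ivanti's
# December 2024 advisories linked above, not from this page. Verify before use.
FIXED_VERSIONS = {
    "CSA": ("5.0.3", ("CVE-2024-11639", "CVE-2024-11772", "CVE-2024-11773")),
    "ICS": ("22.7R2.4", ("CVE-2024-11633", "CVE-2024-11634")),
    "IPS": ("22.7R1.2", ("CVE-2024-11634",)),
}

# CSA versions look like "5.0.3"; ICS/IPS versions look like "22.7R2.4". The
# appliance UI may append build details, e.g. "22.7R2.3 (build 3431)", so the
# pattern is anchored only at the start and ignores any trailing text.
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)(?:R(\d+))?(?:\.(\d+))?")


def parse_version(text):
    """Return a comparable (major, minor, release, patch) tuple, or None if unparseable.

    Missing components count as 0, so "22.7R2" sorts below "22.7R2.1" and
    "5.0.2" (no R component) parses to (5, 0, 0, 2).
    """
    match = _VERSION_RE.match(text.strip())
    if not match:
        return None
    return tuple(int(g) if g is not None else 0 for g in match.groups())


def triage_host(hostname, product, version_text):
    """Classify one appliance as patched, update required, or unknown."""
    fixed = FIXED_VERSIONS.get(product.strip().upper())
    installed = parse_version(version_text)
    if fixed is None or installed is None:
        # Unknown product or an unparseable version string: never silently
        # report these as patched; they need a manual look.
        return {"host": hostname, "product": product, "status": "unknown", "cves": ()}
    fixed_version, cves = fixed
    if installed < parse_version(fixed_version):
        return {"host": hostname, "product": product,
                "status": "update required", "cves": cves}
    return {"host": hostname, "product": product, "status": "patched", "cves": ()}


def triage_inventory(csv_text):
    """Triage 'host,product,version' lines (constructed format); '#' lines are comments."""
    results = []
    for line in csv_text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        host, product, version = (field.strip() for field in line.split(",", 2))
        results.append(triage_host(host, product, version))
    return results


# Constructed sample inventory; hostnames and versions are illustrative only.
SAMPLE_INVENTORY = """\
# host,product,version
csa-01.example.net,CSA,5.0.2
csa-02.example.net,CSA,5.0.3
vpn-01.example.net,ICS,22.7R2.3 (build 3431)
vpn-02.example.net,ICS,22.7R2.4
nac-01.example.net,IPS,22.7R1.1
epm-01.example.net,EPM,2024.1
"""

if __name__ == "__main__":
    for entry in triage_inventory(SAMPLE_INVENTORY):
        cves = ", ".join(entry["cves"]) or "-"
        print(f"{entry['host']:<22} {entry['product']:<4} {entry['status']:<16} {cves}")
```

Version triage only tells you an appliance is missing the fix; it says nothing about whether it was reached before the update was applied. For a CSA that has been internet-exposed with CVE-2024-11639 unpatched, review admin console access logs and the list of administrative accounts as part of the same change.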
Definitive source of threat updates
- https://www.ivanti.com/blog/december-security-update
- https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Cloud-Services-Application-CSA-CVE-2024-11639-CVE-2024-11772-CVE-2024-11773?language=en_US
- https://forums.ivanti.com/s/article/December-2024-Security-Advisory-Ivanti-Connect-Secure-ICS-and-Ivanti-Policy-Secure-IPS-Multiple-CVEs?language=en_US
Last edited: 11 December 2024 2:59 pm