Ivanti Details

    Organization Logo

    Ivanti

    South Jordan, Utah3000 employees • Technology

    https://www.ivanti.com/
    United States

    Industry

    Technology

    Security Incidents

    1

    Ivanti is an IT software company that specializes in IT asset management, IT service management, IT security, and unified endpoint management solutions. The company was formed in January 2017 through the merger of LANDESK and HEAT Software, bringing together multiple years of experience in the IT solutions industry to provide a comprehensive suite of products aimed at enhancing and streamlining IT operations for organizations.

    Ivanti offers a range of notable products including Ivanti Neurons, an AI-powered platform for automation of IT operations, and Ivanti Security Controls, which provides...
    Show more

    Security Incidents

    Ivanti Breach of Sep 2024
    Severity Score
    High

    Type

    Corporate Breach

    Summary

    On September 19, 2024, Ivanti disclosed the exploitation of a second, critical vulnerability in its Cloud Services Appliance (CSA), labeled CVE-2024-8963. This flaw, with a CVSS score of 9.4, is a path traversal vulnerability that allows remote, unauthenticated attackers to access restricted functionalities. Exploited alongside another previously identified vulnerability, CVE-2024-8190, an OS command injection flaw, attackers can achieve remote code execution (RCE) by bypassing admin authentication and executing arbitrary commands.

    Ivanti has urged customers to upgrade to CSA version 5.0 or t...
    Show more

    Severity

    In September 2024, Ivanti discovered a critical vulnerability (CVE-2024-8963) in their Cloud Services Appliance that could be exploited in conjunction with an earlier flaw (CVE-2024-8190) to achieve remote code execution. This path traversal vulnerability allows a remote, unauthenticated attacker to access restricted functionalities, bypass admin authentication, and execute arbitrary commands if they have admin-level privileges. The combined severity of these vulnerabilities, along with a history of multiple security issues within the past year affecting thousands of devices, underscores a sig...
    Show more

    Impact

    The recent cyber incident involving Ivanti's Cloud Services Appliance (CSA) stemmed from a newly discovered critical vulnerability (CVE-2024-8963). This vulnerability, when combined with a previously known flaw (CVE-2024-8190), allows for remote code execution (RCE) by enabling unauthorized access to restricted functionalities and bypassing admin authentication. This chain of exploits could have provided attackers with the ability to execute arbitrary commands on the affected appliances.

    There is no indication in the available reports that specific customer data, internal company data, or int...
    Show more

    KEEP YOUR ENVIRONMENT SECURE

    Weak credentials are the leading cause of breaches. Beyond Identity can help.

    See MFA exploits in action
    Watch how adversaries exploit companies in quick videos