Friday, May 2, 2025
HomeCVE/vulnerabilityIvanti CSA Vulnerabilities Let Attackers Gain Admin Access

Ivanti CSA Vulnerabilities Let Attackers Gain Admin Access

Published on

SIEM as a Service

Follow Us on Google News

 Ivanti has issued critical software updates to address several severe vulnerabilities in its Cloud Services Application (CSA).

These vulnerabilities tracked as CVE-2024-11639, CVE-2024-11772, and CVE-2024-11773, affect CSA versions 5.0.2 and earlier.

Without mitigation, these flaws could allow malicious attackers to bypass authentication, execute remote code, and manipulate databases, posing significant risks to organizations relying on CSA for endpoint management.

- Advertisement - Google News

Vulnerability Details

CVE-2024-11639: Authentication Bypass

This critical vulnerability has been assigned a CVSS score of 10.0. It allows an unauthenticated attacker to bypass authentication mechanisms in the admin web console of CSA.

Exploiting this flaw grants the attacker full administrative access, potentially enabling them to take complete control of the system. The vulnerability is particularly dangerous because it does not require any prior privileges or user interaction.

Leveraging 2024 MITRE ATT&CK Results for SME & MSP Cybersecurity Leaders – Attend Free Webinar

CVE-2024-11772: Command Injection

With a CVSS score of 9.1, this vulnerability impacts administrators who already have elevated privileges on the CSA console.

It allows an attacker to execute arbitrary commands remotely via command injection, potentially leading to remote code execution.

While this flaw requires authenticated access, exploiting it could result in serious damage to system integrity and functionality.

CVE-2024-11773: SQL Injection

This critical vulnerability also rated 9.1 on the CVSS scale, enables attackers with admin privileges to perform SQL injection on the system.

By exploiting this flaw, malicious actors can execute arbitrary SQL queries, which may compromise the confidentiality, integrity, or availability of the system’s databases.

This could result in unauthorized access to sensitive information or disruption of database operations.

Affected Versions

The following table outlines the impacted and resolved versions of CSA:

ProductImpacted Version(s)Resolved VersionPatch Availability
Ivanti Cloud Services Application5.0.2 and earlier5.0.3Available on the Ivanti Download Portal

Ivanti strongly advises all customers using CSA 5.0.2 or earlier to upgrade to version 5.0.3 immediately.

The patched version is available for download from the Ivanti Download Portal. Customers can refer to the documentation titled “Get Started with the Ivanti Cloud Service Application 5.0 for Endpoint Manager” for detailed instructions on the upgrade process.

Ivanti stated that, as of the disclosure date, there is no known evidence that these vulnerabilities have been exploited in the wild.

However, given the critical nature of CVE-2024-11639, which allows unauthenticated administrative access, the potential for exploitation remains high.

Organizations should prioritize this update to safeguard their systems and prevent potential unauthorized access or data breaches.

These vulnerabilities underscore the importance of timely patch management and proactive security measures.

Ivanti’s quick response in addressing these issues highlights its commitment to protecting customers. Users are urged to act immediately to ensure their systems remain secure.

Investigate Real-World Malicious Links,Malware & Phishing Attacks With ANY.RUN - Try for Free

Divya
Divya
Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Latest articles

Managing Shadow IT Risks – CISO’s Practical Toolkit

Managing Shadow IT risks has become a critical challenge for Chief Information Security Officers...

Application Security in 2025 – CISO’s Priority Guide

Application security in 2025 has become a defining concern for every Chief Information Security...

Preparing for Quantum Cybersecurity Risks – CISO Insights

Quantum cybersecurity risks represent a paradigm shift in cybersecurity, demanding immediate attention from Chief...

Securing Digital Transformation – CISO’s Resource Hub

In today’s hyper-connected world, securing digital transformation is a technological upgrade and a fundamental...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

Netgear EX6200 Flaw Enables Remote Access and Data Theft

Security researchers have disclosed three critical vulnerabilities in the Netgear EX6200 Wi-Fi range extender...

Tesla Model 3 VCSEC Vulnerability Lets Hackers Run Arbitrary Code

A high security flaw in Tesla’s Model 3 vehicles, disclosed at the 2025 Pwn2Own...

Apache ActiveMQ Vulnerability Lets Remote Hackers Execute Arbitrary Code

A high vulnerability in Apache ActiveMQ’s .NET Message Service (NMS) library has been uncovered,...