The Cybersecurity & Infra𓆏structure Security Agency is warning of a critical vulnerability in Ivanti Cloud Services Appliance (CSA) that is being actively exploited.

Ivanti a security advisory for CSA 4.6 to address a high severity vulnerability that could give attackers unau🅷thorized accesses to devices running a CSA.

An OS command injection vulnerability in Ivanti Cloud Services Appliance versions 4.6 Patch 518 and before allows a re🌜mote authenticated attacker to obtain remote code execution. The attacker must hꦗave admin level privileges to exploit this vulnerability.

To make matters worse, CSA 4.6 is End-of-Life (EOL), li🍸miting availability of future updates.

Please note: Ivanti CSA 4.6 is End-of-Life, and no longer receives patches for OS or third-party libraries. Additionally, with the end-of-life status this is the last fix thatꦅ Ivanti will backport for this version. Customers must upgrade to Ivanti CSA 5.0 for continued support. CSA 5.0 is the only supported version and does not contain this vulnerability. Customers already running Ivanti CSA 5.0 do not need to take any additional action.

CISA is now agencies of the vulnerability, instructing them to immediatelyꦫ take m💞easures to mitigate the risk.

CISA recommends users and administrators review CISA and FBI’s joint guidance on eliminating OS command injections and the Ivanti security advisory and apply the recommended updates.

Note: CISA has added CVE-2024-8190 to its 🍌Known Exploited Vulnerabilities Catalog, which, per Binding Operational Directive (B🐷OD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities, requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the specified due date to protect FCEB networks against active threats.

Because Ivanti CSA 4.6 is EOL, however, CISA is agencies take the additional step of replacing it, since it will not receive future security update🤪s.

Action: As Ivanti CSA has reached End-of-Life status, users are urged to remove CSA 4.6.x from service or upgrade to the 5.0.xꦆ line of supported solutions, as future vulnerabilities on the 4.6.x version of CSA are unlikely to receive future security updates.