Ivanti Releases February 2025 Security Updates


Ivanti has released three security advisories in the February Security Update, which addresses vulnerabilities in Ivanti products. In the first advisory, two vulnerabilities were identified in Ivanti Cloud Services Application (CSA).

The Ivanti CSA is an Internet appliance that provides secure communication and functionality over the Internet. It falls under the primary product of Ivanti Endpoint Manager, but security fixes are maintained separately. CVE-2024-47908 is a critical OS command injection vulnerability with a CVSSv3 9.1. Successful exploitation of CVE-2024-47908 could allow a remote authenticated attacker to achieve remote code execution (RCE).

Read more…
Source: NHS Digital


Sign up for our Newsletter


Related:

  • Cisco Warns of Critical Vulnerability Revealed in ‘Vault 7’ Data Dump

    March 20, 2017

    Cisco Systems warned customers on Friday of a critical vulnerability that could allow an attacker to execute arbitrary code and obtain full control on more than 300 different models of its switches and routers. Cisco said it became aware of the vulnerability after WikiLeaks released its Vault 7 cache of documents that revealed the existence ...