Multiple attacks forces CISA to order agencies to upgrade or remove end-of-life Ivanti appliance

![ivanti logo](https://cms.therecord.media/uploads/format_webp/michael_dziedzic_O99b_Ww_DM_Ba8_unsplash_a9f4479abf.jpg?w=3840)

[Jonathan Greig](/author/jonathan-greig) September 14th, 2024

The nation’s top cyber watchdogs urged federal agencies to either remove or upgrade an Ivanti appliance that is no longer being updated and has been exploited in attacks.

The technology company [updated an advisory](https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Cloud-Service-Appliance-CSA-CVE-2024-8190?language=en_US) on Friday warning that a ‘limited number of customers’ were breached through the exploitation of CVE-2024-8190.

The bug was announced on Tuesday and affects Ivanti’s Cloud Service Appliance (CSA) — a tool that provides secure communication over the internet and acts as a central point through which managed devices and central consoles are connected.

Exploitation of the bug, which the Cybersecurity and Infrastructure Security Agency (CISA) [confirmed](https://www.cisa.gov/news-events/alerts/2024/09/13/ivanti-releases-security-update-cloud-services-appliance) on Friday as well, gives hackers ‘access to the device running the CSA.’

The advisory notes that CSA 4.6 is end-of-life and ‘no longer receives patches for OS or third-party libraries.’

‘Additionally, with the end-of-life status this is the last fix that Ivanti will backport for this version. Customers must upgrade to Ivanti CSA 5.0 for continued support,’ they said. ‘CSA 5.0 is the only supported version and does not contain this vulnerability. Customers already running Ivanti CSA 5.0 do not need to take any additional action.’

CISA [ordered](https://www.cisa.gov/known-exploited-vulnerabilities-catalog) all federal civilian agencies to remove CSA 4.6 from service or upgrade to 5.0 by October 4.

Ivanti said users can tell whether they have been impacted by exploitation of the bug by checking for modified or newly added administrative users. The company also urged customers to check security alerts if they have certain security tools in place.

The issue arose one day after [another Ivanti bug](https://www.zerodayinitiative.com/advisories/ZDI-24-1223/) caused alarm [among defenders](https://github.com/horizon3ai/CVE-2024-29847). The company [pledged a security overhaul](https://therecord.media/ivanti-security-overhaul-ceo-jeff-abbott) in April after a cascade of [headline-grabbing](https://therecord.media/cisa-takes-two-systems-offline-following-ivanti-compromise) nation-state [attacks](https://therecord.media/ivanti-customers-patch-chinese-hackers) broke through the systems of government agencies in the [U.S.](https://therecord.media/cisa-confirms-hackers-chemical-facilities) and [Europe](https://therecord.media/hackers-use-ivanti-zero-day-to-attack-norway-ministries) using vulnerabilities in Ivanti products.
[Jonathan Greig](/author/jonathan-greig) is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.

Blog: The Record
