Ivanti has released security updates to address multiple critical flaws in its Cloud Services Application (CSA) and Connect Secure products that could lead to privilege escalation and code execution.
The list of vulnerabilities is as follows –
The shortcomings have been addressed in the below versions –
While Ivanti has emphasized that it’s not aware of active exploitation of any of the aforementioned flaws, it’s imperative that users take quick action given that several flaws in its products have been abused by state-sponsored attackers for malicious activities.
