Actively Exploited in the Wild

This vulnerability is being actively exploited in the wild.

Ivanti Cloud Services Appliance OS Command Injection Vulnerability Allowing Remote Code Execution

Vulnerability

A command injection vulnerability has been identified in Ivanti Cloud Services Appliance (CSA) versions 4.6 Patch 518 and prior. This vulnerability allows remote authenticated attackers with admin privileges to execute arbitrary commands on the underlying operating system. Exploitation of this vulnerability could lead to unauthorized access and control over the affected system.

Impact

Successful exploitation allows an authenticated attacker with administrative privileges to execute commands at the operating system level, potentially leading to full system compromise.

Remediation

Users are advised to upgrade to Ivanti Cloud Services Appliance version 5.0, the only supported version that does not contain this vulnerability. For those on Ivanti CSA 4.6 Patch 518, an update to Patch 519 is available. However, as version 4.6 has reached end-of-life, the preferred option is to upgrade to version 5.0.
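
The remediation guidance above, applied to an asset inventory as an added example (not Ivanti's code and not part of the original advisory): it ranks appliances by urgency from their recorded version. The version-string format, the status labels and the hostnames are assumptions.

```python
import re

# Assumed version-string shape, modelled on the advisory's own wording
# ("4.6 Patch 518", "5.0"); adjust the pattern to what your inventory records.
VERSION_RE = re.compile(r"^\s*(\d+)\.(\d+)(?:\s+patch\s+(\d+))?\s*$", re.IGNORECASE)

# Hypothetical status labels, most urgent first.
ORDER = {"VULNERABLE": 0, "UNKNOWN": 1, "PATCHED_EOL": 2, "FIXED": 3}


def classify_csa(version):
    """Map a CSA version string to a triage status per the advisory."""
    m = VERSION_RE.match(version or "")
    if not m:
        return "UNKNOWN"  # unparseable: check the appliance itself
    release = (int(m.group(1)), int(m.group(2)))
    patch = int(m.group(3)) if m.group(3) else None
    if release >= (5, 0):
        return "FIXED"  # 5.0 does not contain the vulnerability
    if release == (4, 6):
        # A missing patch level cannot be shown to be >= 519, so fail closed.
        if patch is not None and patch >= 519:
            return "PATCHED_EOL"  # fixed for this issue, but 4.6 is end-of-life
        return "VULNERABLE"
    if release < (4, 6):
        return "VULNERABLE"  # covered by "4.6 Patch 518 and prior"
    return "UNKNOWN"  # a release between 4.6 and 5.0 is not named in the advisory


def triage(inventory):
    """Return (host, version, status) rows, most urgent first, then by host."""
    rows = [(host, ver, classify_csa(ver)) for host, ver in inventory]
    return sorted(rows, key=lambda r: (ORDER[r[2]], r[0]))


# Constructed sample inventory: hostnames and versions are made up.
SAMPLE = [
    ("csa-lab-01", "5.0"),
    ("csa-dmz-02", "4.6 Patch 519"),
    ("csa-dmz-01", "4.6 Patch 518"),
    ("csa-br-01", "n/a"),
    ("csa-old-01", "4.5"),
]

if __name__ == "__main__":
    for host, ver, status in triage(SAMPLE):
        print(f"{status:12} {host:12} {ver}")
```

Rows marked PATCHED_EOL are fixed for this issue but, per the advisory, should still be scheduled for the upgrade to 5.0.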

Added: May 15, 2026, 11:15 AM
Updated: May 15, 2026, 11:15 AM

Vulnerability Rating

Custom Algorithm

spread: 0.3
impact: 7.5
exploitability: 6.1
remediation: 7.9
relevance: 0.0
threat: 9.8
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.