Threat Actors Chained Vulnerabilities in Ivanti Cloud Service Applications
Essential information
- Published: 24/01/2025 14:18
- Modified: 24/01/2025 14:54
- Tags: 2025-01-24 cisa ivanti
- Related entities: 7 vulnerabilities (cve), 28 observables, 13 techniques (mitre)
Related entities
Vulnerabilities, IOCs, intrusion sets, MITRE techniques and other entities referenced in this report.
Vulnerabilities (CVE) (7)
A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2, and Ivanti Neurons for ZTA …
- Attack vector: LOCAL
- Published: 09/01/2025
- Modified: 21/12/2025
A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2, and Ivanti Neurons for ZTA …
- Attack vector: Network
- Published: 08/01/2025
- Modified: 21/12/2025
Ivanti Cloud Services Appliance (CSA) contains an OS command injection vulnerability in the administrative console which can allow an authenticated attacker with …
- Attack vector: Network
- Published: 09/10/2024
- Modified: 21/12/2025
Path traversal in Ivanti CSA before version 5.0.2 allows a remote authenticated attacker with admin privileges to bypass restrictions.
- Attack vector: NETWORK
- Published: 08/10/2024
- Modified: 21/12/2025
Ivanti Cloud Services Appliance (CSA) contains a SQL injection vulnerability in the admin web console in versions prior to 5.0.2, which can …
- Attack vector: Network
- Published: 09/10/2024
- Modified: 21/12/2025
Ivanti Cloud Services Appliance (CSA) contains a path traversal vulnerability that could allow a remote, unauthenticated attacker to access restricted functionality. If …
- Attack vector: Network
- Published: 19/09/2024
- Modified: 21/12/2025
An OS command injection vulnerability in Ivanti Cloud Services Appliance versions 4.6 Patch 518 and before allows a remote authenticated attacker to …
- Attack vector: Network
- Published: 13/09/2024
- Modified: 21/12/2025
Observables (28)
Techniques (MITRE) (13)
- Modify Authentication Process
- Abuse Elevation Control Mechanism
- Unsecured Credentials
- Server Software Component
- Hide Artifacts
- Application Layer Protocol
- Active Scanning
- Exploitation of Remote Services
- Remote Access Tools
- Deobfuscate/Decode Files or Information
- Exploit Public-Facing Application
- Exploitation for Privilege Escalation