CVE-2024-47908

Summary

CVE-2024-47908 is a critical vulnerability affecting Ivanti's Configuration Manager Software Agent (CSA) versions prior to 5.0.5. An attacker with administrative privileges can exploit an OS command injection vulnerability in the admin web console, allowing them to execute remote code and compromise the affected system. This issue poses a significant risk, as it enables an attacker to gain deep access to the target network and potentially disrupt critical operations or steal sensitive data. Ivanti strongly urges users to upgrade to the latest version of CSA to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.