Ivanti has released a security update to address an admin bypass vulnerability (CVE-2024-8963) affecting Ivanti Cloud Services Appliance (CSA) version 4.6. A cyber threat actor could exploit this vulnerability in conjunction with CVE-2024-8190. This vulnerability impacts all versions prior to patch 519.
CERT Bulgaria CERT Bulgaria urges users and administrators review the Ivanti security advisory for more information and apply the necessary updates.