Threat actors chained vulnerabilities in ivanti cloud service applications

Intel Name: Threat actors chained vulnerabilities in ivanti cloud service applications

Date of Scan: January 23, 2025

Impact: High

Summary:
According to reliable third-party incident response data, threat actors exploited the listed vulnerabilities to achieve initial access, execute remote code (RCE), acquire credentials, and deploy webshells on victim networks. The attackers primarily used two exploit chains: one combined CVE-2024-8963 with CVE-2024-8190 and CVE-2024-9380, while the other paired CVE-2024-8963 with CVE-2024-9379. In one confirmed case, the attackers laterally moved to two additional servers.

More Details