Intel Name: Threat actors chained vulnerabilities in ivanti cloud service applications
Date of Scan: January 23, 2025
Impact: High
Summary: According to reliable third-party incident response data, threat actors exploited the listed vulnerabilities to achieve initial access, execute remote code (RCE), acquire credentials, and deploy webshells on victim networks. The attackers primarily used two exploit chains: one combined CVE-2024-8963 with CVE-2024-8190 and CVE-2024-9380, while the other paired CVE-2024-8963 with CVE-2024-9379. In one confirmed case, the attackers laterally moved to two additional servers.