CSIRT Toscana

Summary

Ivanti has released security updates that fix 16 vulnerabilities, 5 rated "critical" and 11 rated "high", across several products.

Systemic impact

High (66.66)

Type

  • Authentication Bypass
  • Arbitrary Code Execution
  • Arbitrary File Deletion
  • Denial of Service
  • Security Restrictions Bypass
  • Remote Code Execution
  • Security Features Bypass
  • Privilege Escalation

Affected products and versions

Ivanti

  • Cloud Services Application (CSA), version 5.0.2 and earlier
  • Desktop and Server Management (DSM), version 2024.2
  • Connect Secure (ICS), version 22.7R2.3 and earlier
  • Policy Secure (IPS), version 22.7R1.1 and earlier
  • Sentry, version 9.20.1 and earlier, 10.0.1 and earlier
  • Endpoint Manager (EPM), version 2024 September Security Update and earlier, 2022 SU6 and earlier
  • Security Controls (iSec), version 2024.3.2 (9.6.9365.0) and earlier
  • Patch for Configuration Manager, version 2024.3 (2.5.1058) and earlier
  • Neurons for Patch Management, version 2024.3 (1.1.55.0) and earlier
  • Neurons Agent Platform, version 2024.1 (9.6.771) and earlier
  • Application Control, versions 2024.3, 2024.1 and 2023.3
  • Automation, version 2024.4 and earlier
  • IWC (Ivanti Workspace Control), version 10.18.30.0 and earlier
  • Performance Manager, versions 2024.3, 2024.1 and 2023.3

Mitigation actions

In line with the vendor's statements, it is recommended to update the vulnerable products by following the instructions in the security advisories listed in the References section.

Unique vulnerability identifiers

The CVEs for the vulnerabilities rated "critical" and "high" are listed below:

CVE-ID

  • CVE-2024-11639
  • CVE-2024-11772
  • CVE-2024-11773
  • CVE-2024-7572
  • CVE-2024-37377
  • CVE-2024-9844
  • CVE-2024-37401
  • CVE-2024-11633
  • CVE-2024-11634
  • CVE-2024-8540
  • CVE-2024-10256
  • CVE-2024-10251
  • CVE-2024-11597
  • CVE-2024-8496
  • CVE-2024-9845
  • CVE-2024-11598

References

https://www.ivanti.com/blog/december-security-update

https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Cloud-Services-Application-CSA-CVE-2024-11639-CVE-2024-11772-CVE-2024-11773?language=en_US

https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Desktop-and-Server-Management-DSM-CVE-2024-7572?language=en_US

https://forums.ivanti.com/s/article/December-2024-Security-Advisory-Ivanti-Connect-Secure-ICS-and-Ivanti-Policy-Secure-IPS-Multiple-CVEs?language=en_US

https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Sentry-CVE-2024-8540?language=en_US

https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Patch-SDK-CVE-2024-10256?language=en_US

https://forums.ivanti.com/s/article/December-2024-Security-Advisory-Ivanti-Application-Control-CVE-2024-11598?language=en_US 

https://forums.ivanti.com/s/article/December-2024-Security-Advisory-Ivanti-Automation-CVE-2024-9845?language=en_US 

https://forums.ivanti.com/s/article/December-2024-Security-Advisory-Ivanti-Workspace-Control-IWC-CVE-2024-8496?language=en_US

https://forums.ivanti.com/s/article/December-2024-Security-Advisory-Ivanti-Performance-Manager-CVE-2024-11597?language=en_US 

https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Security-Controls-iSec-CVE-2024-10251?language=en_US 

This article is an original product of csirt.gov.it, republished here solely to increase its visibility.