Help
FortiRecon
FortiRecon is a digital risk protection (DRP) service that allows customers to gain visibility of their digital attack surface, receive targeted threat intelligence, and reduce organisational risk.
smallick
Staff
Staff

Created on ‎01-26-2025 11:14 PM

Article Id 372671

Outbreak Alert: Ivanti CSA (Cloud Services Appliance) Zero-Day Attack

FortiRecon Digital Risk Protection (DRP), a SaaS-based service, includes External Attack Surface Management, Brand Protection, and Adversary Centric Intelligence.

Adversary Centric Intelligence (ACI): leverages FortiGuard Threat Analysis to provide comprehensive coverage of dark web, open-source, and technical threat intelligence, including threat actor insights to enable organizations to respond proactively assess risks, respond faster to incidents, better understand their attackers, and guard assets.

The Vulnerability Intelligence Module under Adversary Centric Intelligence (ACI) provides a realistic view of the impact of the vulnerability based upon chatter and discussion of the same across various external sources such as Darkweb, social media, News / Blogs etc.
CVE ID CVE-2024-9381
CVE Title Path traversal in Ivanti CSA before version 5.0.2 allows a...
NVD Severity HIGH
FortiRecon Severity CRITICAL
FortiRecon Score 90/100
Exploited Yes
Exploited by Ransomware Group(s) No
Exploited by APT Group(s) No
Included in CISA KEV List No
Available working exploit(s) 0
Available POC exploit(s) 0
Darknet Mention(s) 0
Telegram Mention(s) 0
FortiRecon Intelligence Reporting(s) 5 (FortiGuard Research), 3 (OSINT)
Vendor Advisory:

 

CVE ID CVE-2024-9380
CVE Title Ivanti Cloud Services Appliance (CSA) OS Command Injection Vulnerability
NVD Severity HIGH
FortiRecon Severity CRITICAL
FortiRecon Score 90/100
Exploited Yes
Exploited by Ransomware Group(s) No
Exploited by APT Group(s) Yes ()
Included in CISA KEV List Yes
Available working exploit(s) 0
Available POC exploit(s) 0
Darknet Mention(s) 0
Telegram Mention(s) 0
FortiRecon Intelligence Reporting(s) 5 (FortiGuard Research), 1 (Technical Intelligence), 7 (OSINT)
Vendor Advisory:

 

CVE ID CVE-2024-9379
CVE Title Ivanti Cloud Services Appliance (CSA) SQL Injection Vulnerability
NVD Severity HIGH
FortiRecon Severity CRITICAL
FortiRecon Score 90/100
Exploited Yes
Exploited by Ransomware Group(s) No
Exploited by APT Group(s) No
Included in CISA KEV List Yes
Available working exploit(s) 0
Available POC exploit(s) 0
Darknet Mention(s) 0
Telegram Mention(s) 0
FortiRecon Intelligence Reporting(s) 4 (FortiGuard Research), 6 (OSINT)
Vendor Advisory:

 

CVE ID CVE-2024-8963
CVE Title Ivanti Cloud Services Appliance (CSA) Path Traversal Vulnerability
NVD Severity CRITICAL
FortiRecon Severity CRITICAL
FortiRecon Score 90/100
Exploited Yes
Exploited by Ransomware Group(s) No
Exploited by APT Group(s) Yes ()
Included in CISA KEV List Yes
Available working exploit(s) 0
Available POC exploit(s) 1
Darknet Mention(s) 0
Telegram Mention(s) 0
FortiRecon Intelligence Reporting(s) 6 (FortiGuard Research), 1 (Technical Intelligence), 11 (OSINT)
Vendor Advisory:

 

CVE ID CVE-2024-8190
CVE Title Ivanti Cloud Services Appliance OS Command Injection Vulnerability
NVD Severity HIGH
FortiRecon Severity CRITICAL
FortiRecon Score 91/100
Exploited Yes
Exploited by Ransomware Group(s) No
Exploited by APT Group(s) Yes ()
Included in CISA KEV List Yes
Available working exploit(s) 0
Available POC exploit(s) 2
Darknet Mention(s) 1 (ramp)
Telegram Mention(s) 1 (Prompt Intelligence)
FortiRecon Intelligence Reporting(s) 1 (Technical Intelligence), 7 (FortiGuard Research), 12 (OSINT)
Vendor Advisory:

 

 

 

193
0 Kudos
Suggest New Article
Article Feedback
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.