The threat actor exploited the CVE-2024-8190 vulnerability in conjunction with two previously unknown vulnerabilities, CVE-2024-8963 and CVE-2024-9380, to gain unauthorized access to the Ivanti CSA appliance.  They leveraged the path traversal vulnerability in CVE-2024-8963 to navigate to other sensitive resources and then exploited the command injection vulnerability in CVE-2024-9380 to execute arbitrary commands on the … Continue reading Hackers Exploit Ivanti CSA Zero-Day to Infiltrate Networks