Ivanti Cloud Services Application Vulnerability Leads to Privilege Escalation
Ivanti has disclosed a high-severity security vulnerability affecting its Cloud Services Application (CSA) that could allow attackers to escalate privileges on vulnerable systems. The security flaw, tracked as CVE-2025-22460, was announced on May 13, 2025, as part of Ivanti’s ongoing security update program. According to the company’s security advisory, the vulnerability is caused by default […] The post Ivanti Cloud Services Application Vulnerability Leads to Privilege Escalation appeared first on Cyber Security News.
Ivanti has disclosed a high-severity security vulnerability affecting its Cloud Services Application (CSA) that could allow attackers to escalate privileges on vulnerable systems. The security flaw, tracked as CVE-2025-22460, was announced on May 13, 2025, as part of Ivanti’s ongoing security update program.
According to the company’s security advisory, the vulnerability is caused by default credentials present in Ivanti Cloud Services Application versions 5.0.4 and earlier.
Successful exploitation could enable a local authenticated attacker to gain elevated privileges on affected systems, potentially leading to complete system compromise.
The vulnerability has been assigned a CVSS score of 7.8 (High) with a vector of CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H, indicating significant impact on confidentiality, integrity, and availability if exploited.
Cloud Services Application Vulnerability
“This vulnerability represents a serious risk for organizations utilizing Ivanti CSA in their environments,” said Mark Thompson, cybersecurity analyst at Digital Fortress. “Privilege escalation flaws often serve as critical stepping stones in broader attack chains.”
Ivanti has released version 5.0.5 to address the vulnerability, available through the company’s download portal. However, the company issued an important caveat regarding the patch implementation.
“It has been identified that if a Cloud Services Application installation is upgraded to version 5.0.5, this fix is not automatically applied as intended,” the advisory states.
This implementation issue means customers must perform a fresh installation or follow specific mitigation steps provided by Ivanti to properly secure their systems.
The company noted that it is not aware of any active exploitation of this vulnerability in the wild before disclosure. Fraser Hess of Pinnacol Assurance reported the flaw through Ivanti’s responsible disclosure program.
This disclosure comes amid a series of security challenges for Ivanti. Earlier this year, the company patched multiple critical vulnerabilities in its Connect Secure, Policy Secure, and ZTA Gateway products.
The CSA is an internet appliance that provides secure communication and functionality over the Internet for Ivanti’s Endpoint Manager product line.
Security experts recommend that organizations using affected versions prioritize this update, particularly given the implementation issues with the patch.
Organizations should also review their security logs for any signs of suspicious activity that might indicate previous exploitation attempts.
Vulnerability Attack Simulation on How Hackers Rapidly Probe Websites for Entry Points – Free Webinar
The post Ivanti Cloud Services Application Vulnerability Leads to Privilege Escalation appeared first on Cyber Security News.
