CVE-2024-9379

ENISA EUVD: EUVD-2024-49897 ↗

Exploited in the Wild ✓ Confirmed 0-Day

Triaged: March 5, 2026 3 articles

VulnLookup ↗ NVD ↗ EUVD ↗ MITRE ↗ CISA KEV ↗

EPSS Score

Source: FIRST.org · 2026-05-24

79.26%

probability

This CVE has a 79.26% probability of being exploited in the next 30 days.

0% Top 99.1th percentile of all CVEs 100%

CVSS v3.1

Source: NVD

6.5

Attack Vector

Network

Attack Complexity

Low

Privileges Required

High

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

High

Availability

High

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H

Affected Products

Attack Intelligence

CWE-707 · Improper Neutralization CWE-74 · Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-89 · SQL Injection CWE-943 · Improper Neutralization of Special Elements in Data Query Logic

Ivanti warns of three more CSA zero-days exploited in attacks

BleepingComputer Oct 08, 2024

Cisco Fixes Critical Privilege Escalation Flaw in Meeting Management (CVSS 9.9)

TheHackerNews

Exploitations de vulnérabilités dans Ivanti Cloud Services Appliance (CSA) (22 octobre 2024)

CERT-FR Oct 22, 2024

Signal Intelligence

Confidenceⓘ

85%

EPSS 79.26%

CVSS v3.1 6.5

Mentions 3

Last Seen Oct 22, 2024

CNA Information

Analyst Note

CVE-2024-9379 is explicitly named in Ivanti's warning of 'three more CSA zero-days exploited in attacks' (BleepingComputer, 2024). The CVE was published 2024-10-08 and actively exploited in the wild by the time of the warning, with CERT-FR documenting exploitation as of 2024-10-22. The timing and explicit zero-day designation in authoritative sources confirm this meets zero-day criteria.

Threat Actors 3

Infy

apt_group Information theft and espionage 🇮🇷 IR

Red October

apt_group 🇷🇺 RU

PlushDaemon

apt_group Information theft and espionage 🇨🇳 CN

Triage Info

Decided atMar 05, 2026