A suspected nation-state adversary has been observed weaponizing three security flaws in Ivanti Cloud Service Appliance (CSA) as zero-days to perform a series of malicious actions.

That's according to findings from Fortinet FortiGuard Labs, which said the vulnerabilities were abused to gain unauthenticated access to the CSA, enumerate users configured in the appliance, and attempt to access the credentials of those users.

The flaws in question are listed below:

- CVE-2024-8190 (CVSS score: 7.2) - A command injection flaw in the resource /gsb/DateTimeTab.php
- CVE-2024-8963 (CVSS score: 9.4) - A path traversal vulnerability on the resource /client/index.php
- CVE-2024-9380 (CVSS score: 7.2) - An authenticated command injection vulnerability affecting the resource reports.php