Ivanti and Zyxel Release Urgent Patches for Critical Vulnerabilities

Ivanti has released software updates that fix multiple vulnerabilities in its Endpoint Manager (EPM) software, flaws that could jeopardize user data and system integrity. The most severe is a deserialization of untrusted data vulnerability (CVE-2024-29847) with a CVSS score of 10.0, which could let a remote unauthenticated attacker execute arbitrary code. Vulnerabilities of this kind can open the door to a range of attacks, from data breaches to system takeovers.

In addition to this critical flaw, Ivanti has patched several unspecified SQL injection vulnerabilities (CVE-2024-32840, -32842, -32843, -32845, -32846, -32848, -34779, -34783, and -34785), each carrying a CVSS score of 9.1. These allow an authenticated attacker with administrative privileges to potentially achieve remote code execution, and so gain unauthorized access to and control over affected systems. The vulnerable versions are EPM 2024 and 2022 SU5 and earlier; the issues are addressed in the newly released versions 2024 SU1 and 2022 SU6. Ivanti emphasizes the urgency of upgrading to these versions to mitigate the risk.

Significance of Prompt Updates

The release of these software updates underscores the urgent need for organizations using Ivanti’s products to promptly upgrade to the latest versions to protect against these identified flaws. To date, Ivanti has confirmed that there have been no reports of active exploitation of these vulnerabilities in the wild. Nevertheless, the swift response to these issues highlights a proactive approach following the exploitation of zero-day vulnerabilities in Ivanti products, particularly by cyber espionage groups with ties to China. These groups’ activities underscore the increasingly sophisticated threats organizations face in today’s cybersecurity landscape.

Ivanti’s quick action in issuing these patches highlights the company’s commitment to its users’ security. In addition to releasing updates for EPM, Ivanti has rectified seven high-severity vulnerabilities in Ivanti Workspace Control (IWC) and Ivanti Cloud Service Appliance (CSA). To bolster its security posture, Ivanti has increased its internal scanning and manual testing protocols. Furthermore, the company has refined its responsible disclosure process, facilitating the increased identification and resolution of vulnerabilities. These measures are a testament to Ivanti’s dedication to fortifying its software and protecting its customers from evolving cyber threats.

Broader Cybersecurity Measures

Ivanti has released critical software updates to address multiple vulnerabilities in its Endpoint Manager (EPM) software. These updates target a variety of security flaws that could compromise user data and system integrity. Notably, a severe deserialization of untrusted data vulnerability (CVE-2024-29847) has been identified, with a maximum CVSS score of 10.0. This vulnerability is particularly dangerous as it allows remote unauthenticated attackers to execute arbitrary code, posing significant risks of data breaches and system takeovers.

Additionally, Ivanti has fixed several unspecified SQL injection vulnerabilities (CVE-2024-32840, -32842, -32843, -32845, -32846, -32848, -34779, -34783, and -34785), each with a CVSS score of 9.1. These SQL injection flaws are dangerous because they enable an authenticated attacker with admin privileges to achieve remote code execution, thereby gaining unauthorized access to systems. The affected versions are EPM 2024 and 2022 SU5 and earlier, with patches provided in versions 2024 SU1 and 2022 SU6. Ivanti stresses the urgency of upgrading to these versions to mitigate these security risks.
