Ivanti has released patches for multiple critical security vulnerabilities in its Endpoint Manager (EPM). These vulnerabilities, identified as CVE-2024-29822 through CVE-2024-29827, include six SQL injection flaws that allow remote code execution (RCE) without authentication. The company's proactive measures follow earlier incidents this year when Ivanti devices were hacked, prompting collaboration with the Cybersecurity and Infrastructure Security Agency (CISA) to address the vulnerabilities. The patches aim to mitigate the risks associated with these critical flaws and enhance the security of the Endpoint Manager.
Ivanti Patches Critical Remote Code Execution Flaws in Endpoint Manager https://t.co/eGlRdce1rj
When Ivanti devices got hacked earlier this year, the company’s participation in an industry-government collaboration gave the @CISAgov a “head start” toward confronting the vulnerability, the agency’s director said Wednesday. https://t.co/HvXkraE36k https://t.co/cMas7Qm1iE
Critical SQL Injection flaws impact Ivanti Endpoint Manager (EPM): https://t.co/hJ5mC0gt49 by Security Affairs #infosec #cybersecurity #technology #news
Ivanti Patches Critical Remote Code Execution Flaws in Endpoint Manager: https://t.co/NhEHV1ydLg by The Hacker News #infosec #cybersecurity #technology #news
🔥 Ivanti released patches for multiple critical security flaws (CVE-2024-29822 through CVE-2024-29827) in Endpoint Manager (EPM) — 6 of these are SQL injection vulnerabilities that allow RCE without authentication. Learn more: https://t.co/822XrWBLfX #hacking #cybersecurity
Ivanti Patches Critical Code Execution Vulnerabilities in Endpoint Manager #cybersecurity https://t.co/1zJgZUl2Py
Multiple Critical Vulnerabilities Discovered in Ivanti Endpoint Manager https://t.co/sySSFslKhA