Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home Alerts

Ivanti Urgently Patches Critical EPM Flaws

September 11, 2024
Reading Time: 2 mins read
in Alerts
Ivanti Urgently Patches Critical EPM Flaws

Ivanti has issued critical security updates for its Endpoint Manager (EPM) to address several high-severity vulnerabilities that pose significant risks to users. The updates specifically target ten severe flaws, including CVE-2024-29847, which has been assigned a CVSS score of 10.0. This vulnerability involves the deserialization of untrusted data, allowing remote unauthenticated attackers to execute arbitrary code on systems affected by this issue. Additionally, the updates address multiple SQL injection vulnerabilities, such as CVE-2024-32840 and others, each with a CVSS score of 9.1. These SQL injection flaws enable remote authenticated attackers with administrative privileges to execute code remotely, further compromising the security of the affected systems.

The vulnerabilities impact EPM versions 2024 and 2022 SU5 and earlier. To mitigate these risks, Ivanti has released fixes in EPM versions 2024 SU1 and 2022 SU6. Although there is no evidence suggesting that these vulnerabilities have been actively exploited as zero-day attacks, Ivanti stresses the importance of updating to the latest versions. By doing so, users can protect themselves against potential threats that may emerge in the future. The company’s prompt action in addressing these vulnerabilities highlights its commitment to maintaining robust security and protecting its users from evolving threats.

In addition to the Endpoint Manager updates, Ivanti has also released patches for seven high-severity vulnerabilities in Ivanti Workspace Control and Ivanti Cloud Service Appliance. These updates reflect Ivanti’s broader efforts to enhance its internal security measures. The company has significantly improved its internal scanning, manual exploitation, and testing capabilities. Furthermore, Ivanti has refined its responsible disclosure process to expedite the discovery and remediation of vulnerabilities. This proactive approach is part of a larger strategy to address the growing number of security threats and ensure the safety and integrity of its products.

Reference:

  • Ivanti Urgently Releases Updates for Critical Endpoint Manager Vulnerabilities
Tags: Cyber AlertsCyber Alerts 2024Cyber threatsEndpoint ManagerEPMIvantiSeptember 2024SQL injectionVulnerability
ADVERTISEMENT

Related Posts

Glibc Flaw Gives Linux Root Access Risk

Mozilla Urgent Firefox Patch Fixes RCE Flaws

May 19, 2025
Fileless Remcos RAT Delivery Via LNK Files

ModiLoader Malware Targets Windows Users

May 19, 2025
Glibc Flaw Gives Linux Root Access Risk

Glibc Flaw Gives Linux Root Access Risk

May 19, 2025
Fileless Remcos RAT Delivery Via LNK Files

APT28 RoundPress Webmail Hack Steals Emails

May 16, 2025
Fileless Remcos RAT Delivery Via LNK Files

FBI Warns of AI Voice Phishing Scams

May 16, 2025
Fileless Remcos RAT Delivery Via LNK Files

Fileless Remcos RAT Delivery Via LNK Files

May 16, 2025

Latest Alerts

Mozilla Urgent Firefox Patch Fixes RCE Flaws

ModiLoader Malware Targets Windows Users

Glibc Flaw Gives Linux Root Access Risk

Fileless Remcos RAT Delivery Via LNK Files

FBI Warns of AI Voice Phishing Scams

APT28 RoundPress Webmail Hack Steals Emails

Subscribe to our newsletter

    Latest Incidents

    Massive DDoS Hits Poland’s Civic Platform

    Arla Plant Cyberattack Halts Operations

    Georgia’s Harbin Clinic Hit by Data Breach

    Hackers Target Swiss Reserve Power Plant

    Coinbase Insider Attack Exposed User Data

    Cyberattack Hits J Batista Group

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial