3 October 2024

Critical Ivanti EPM RCE flaw exploited in the wild

A critical Ivanti vulnerability that can be used by threat actors to remotely execute code on vulnerable Endpoint Manager (EPM) appliances has come under active exploitation, security experts warn.

Ivanti EPM, a popular endpoint management solution, enables administrators to manage devices across a range of platforms, including Windows, macOS, Chrome OS, and Internet of Things (IoT) operating systems.

Tracked as CVE-2024-29824, the flaw is an SQL injection issue that allows a remote attacker to execute arbitrary SQL queries against the database. It was initially addressed in May 2024 as part of a broader security update that patched six remote code execution vulnerabilities in the Core server. In June, security researchers published an in-depth analysis of the vulnerability along with proof-of-concept (PoC) code.

On Wednesday, Ivanti updated its initial security advisory to state that it “has confirmed exploitation of CVE-2024-29824 in the wild,” noting that a limited number of customers have been exploited.

Additionally, the US Cybersecurity and Infrastructure Security Agency (CISA) has added the flaw to its Known Exploited Vulnerabilities (KEV) catalog.
