Ivanti has released a patch for a critical security vulnerability and advises users to apply it immediately to secure their infrastructure.
In an advisory, Ivanti said it had discovered a deserialization vulnerability in its Endpoint Management (EPM) agent portal. The vulnerability is tracked as CVE-2024-29847 and has a maximum severity score.
Ivanti said the bug could allow unauthenticated threat actors to remotely execute malicious code on the core server: “Successful exploitation could result in unauthorized access to the EPM core server,” the company explained. The good news is that there is no evidence (yet) of the bug being exploited in the wild — and users should look forward to Ivanti EPM 2024 hot patches, as well as Ivanti EPM 2022 Service Update 6 (SU6), as they address the issue.
Fixing numerous bugs
Ivanti Endpoint Management is a software solution that helps organizations manage, secure, and optimize devices on their networks. It enables IT teams to automate tasks such as software deployment, patch management, and device configuration while ensuring endpoint security and compliance.
The platform supports multiple operating systems, including Windows, macOS, and mobile devices, and provides centralized control for streamlined management. By using Ivanti, enterprises can reduce IT complexity, improve device performance, and minimize security risks across their endpoint infrastructure.
Along with this flaw, Ivanti has addressed numerous other bugs, including several critical severity vulnerabilities in Ivanti EPM, Workspace Control (IWC), and Cloud Service Appliance (CSA). The company says that none of these flaws have been exploited in the wild.
However, now that there is news of the vulnerabilities that are out there, it is only a matter of time before someone comes up with a Proof-of-Concept and starts scanning for flawed endpoints. Ivanti products are used by over 40,000 organizations worldwide and as such are a prime target.
Via BleepingComputer