Ivanti has addressed multiple critical and high severity vulnerabilities in its security advisory. Ivanti addressed 16 vulnerabilities impacting the Ivanti Endpoint Manager (EPM). Successful exploitation of the vulnerabilities may allow a remote, unauthenticated attacker to execute arbitrary code, elevation of privileges, and denial of service.
Ivanti mentioned in the advisory that there is no proof of any customers being exploited by these vulnerabilities before public disclosure. Ivanti EPM can help protect devices and data with tools like antivirus, application control, and firewall.
Ivanti Endpoint Manager (EPM) is a tool that helps IT administrators manage and secure devices and data across networks. It can manage Windows, macOS, Linux, iOS, and Android devices.
CVE-2024-10811, CVE-2024-13161, CVE-2024-13160, & CVE-2024-13159
The vulnerabilities have a critical severity rating with a CVSS score of 9.8. The path traversal vulnerability may allow a remote, unauthenticated attacker to leak sensitive information.
Affected and Patched Versions
| Product Name | Affected Versions | Patched Versions | Patch Availability |
| Ivanti Endpoint Manager | 2024 November security update and prior, 2022 SU6 November security update and prior |
EPM 2024 January-2025 Security Update, EPM 2022 SU6 January-2025 Security Update | EPM 2024 January-2025 Patch |
For more information, please refer to the Ivanti Security Advisory.
Qualys Detection
Qualys customers can scan their devices with QID 382673 to detect vulnerable assets.
Please continue to follow Qualys Threat Protection for more coverage of the latest vulnerabilities.
References
