Tag: Ivanti

Ivanti February Security Updates Addresses Multiple Vulnerabilities in Popular Products

Posted by Author Diksha Ojha on Posted on

Ivanti released its security updates for February, addressing various critical and high severity vulnerabilities. The vulnerabilities impact Ivanti products such as Ivanti Connect Secure (ICS), Ivanti Policy Secure (IPS), Cloud Services Application (CSA), and Ivanti Secure Access Client (ISAC). The advisory addressed 10 vulnerabilities that can lead to remote code execution, privilege escalation, and more. … Continue reading “Ivanti February Security Updates Addresses Multiple Vulnerabilities in Popular Products”

Ivanti Released Updates for Ivanti Endpoint Manager (EPM)

Posted by Author Diksha Ojha on Posted on

Ivanti has addressed multiple critical and high severity vulnerabilities in its security advisory. Ivanti addressed 16 vulnerabilities impacting the Ivanti Endpoint Manager (EPM). Successful exploitation of the vulnerabilities may allow a remote, unauthenticated attacker to execute arbitrary code, elevation of privileges, and denial of service. Ivanti mentioned in the advisory that there is no proof of … Continue reading “Ivanti Released Updates for Ivanti Endpoint Manager (EPM)”

Ivanti Releases Fixes for Multiple Vulnerabilities Impacting Connect Secure, Policy Secure, Cloud Services Application, and Sentry

Posted by Author Diksha Ojha on Posted on

Ivanti released its December 2024 security advisory to address nine critical and high severity vulnerabilities in its products, such as Ivanti Connect Secure, Policy Secure, Cloud Services Application, and Sentry. Five of these nine vulnerabilities are rated as critical. Ivanti mentioned in the advisory that there was no prior knowledge of any customers being exploited … Continue reading “Ivanti Releases Fixes for Multiple Vulnerabilities Impacting Connect Secure, Policy Secure, Cloud Services Application, and Sentry”

Ivanti Releases Fixes for Multiple Vulnerabilities Impacting Cloud Services Appliance (CVE-2024-9379, CVE-2024-9380, & CVE-2024-9381)

Posted by Author Diksha Ojha on Posted on

Ivanti released a patch to address three Cloud Services Appliance (CSA) zero-day vulnerabilities actively exploited in attacks. CVE-2024-9379, CVE-2024-9380, and CVE-2024-9381 are high and medium severity vulnerabilities that may allow an attacker with admin privileges to bypass restrictions, run arbitrary SQL statements, or obtain remote code execution. Ivanti mentioned in the advisory, “We are aware … Continue reading “Ivanti Releases Fixes for Multiple Vulnerabilities Impacting Cloud Services Appliance (CVE-2024-9379, CVE-2024-9380, & CVE-2024-9381)”

Ivanti Patches Multiple Vulnerabilities Impacting Avalanche Mobile Device Management Solution (CVE-2024-24996 & CVE-2024-29204)

Posted by Author Diksha Ojha on Posted on

Ivanti released a security advisory to address 27 medium, high, and critical severity vulnerabilities in its mobile device management solution Avalanche. CVE-2024-24996 and CVE-2024-29204 are the two vulnerabilities that have been given critical severity ratings. Successful exploitation of the vulnerabilities may allow remote attackers to trigger denial-of-service attacks, execute arbitrary commands as SYSTEM, read sensitive … Continue reading “Ivanti Patches Multiple Vulnerabilities Impacting Avalanche Mobile Device Management Solution (CVE-2024-24996 & CVE-2024-29204)”