Home Security Ivanti Endpoint Manager Flaw Actively Targeted, CISA Warns Agencies to Patch

Ivanti Endpoint Manager Flaw Actively Targeted, CISA Warns Agencies to Patch

by


Oct 03, 2024Ravie LakshmananVulnerability / Endpoint Security

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a security flaw impacting Endpoint Manager (EPM) that the company patched in May to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.

The vulnerability, tracked as CVE-2024-29824, carries a CVSS score of 9.6 out of a maximum of 10.0, indicating critical severity.

“An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary code,” the software service provider said in an advisory released on May 21, 2024.

Cybersecurity

Horizon3.ai, which released a proof-of-concept (PoC) exploit for the flaw in June, said the issue is rooted in a function called RecordGoodApp() within a DLL named PatchBiz.dll.

Specifically, it concerns how the function handles an SQL query statement, thereby allowing an attacker to gain remote code execution via xp_cmdshell.

The exact specifics of how the shortcoming is being exploited in the wild remains unclear, but Ivanti has since updated the bulletin to state that it has “confirmed exploitation of CVE-2024-29824” and that a “limited number of customers” have been targeted.

With the latest development, as many as four different flaws in Ivanti appliances have come under active abuse within just a month’s span, showing that they are a lucrative attack vector for threat actors –

  • CVE-2024-8190 (CVSS score: 7.2) – An operating system command injection vulnerability in Cloud Service Appliance (CSA)
  • CVE-2024-8963 (CVSS score: 9.4) – A path traversal vulnerability in CSA
  • CVE-2024-7593 (CVSS score: 9.8) – An authentication bypass vulnerability Virtual Traffic Manager (vTM)

Federal agencies are mandated to update their instances to the latest version by October 23, 2024, to safeguard their networks against active threats.

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.





Source link

Related Articles

xxxanti beeztube.mobi hot sexy mp4 menyoujan hentaitgp.net jason voorhees hentai indian soft core chupatube.net youjzz ez2 may 8 2023 pinoycinema.org ahensya ng pamahalaan pakistani chut ki chudai pimpmovs.com www xvedio dost ke papa zztube.mobi 300mbfilms.in صور مص الزب arabporna.net نهر العطش لمن تشعر بالحرمان movierulz plz.in bustyporntube.info how to make rangoli video 穂高ゆうき simozo.net 四十路五十路 ロシアav javvideos.net 君島みお 無修正 افلام سكس في المطبخ annarivas.net فيلم سكس قديم rashmi hot videos porncorn.info audiosexstories b grade latest nesaporn.pro high school girls sex videos real life cam eroebony.info painfull porn exbii adult pics teacherporntrends.com nepali school sex