Unauthenticated SQL Injection Vulnerability Affects Ivanti EPM
Key Information
- Vendor
- Ivanti
- Status
- Epm
- Vendor
- CVE Published:
- 31 May 2024
Badges
Summary
The vulnerability CVE-2024-29824 is an unauthenticated SQL injection vulnerability affecting Ivanti EPM 2022 SU5 and earlier. It allows unauthenticated attackers within the same network to execute arbitrary code, earning it a critical 9.8 out of 10 CVSS score. A proof-of-concept exploit has been developed for this vulnerability and has been published by researchers. Ivanti has responded to the issue by promptly releasing a patch for CVE-2024-29824 on May 24, and organizations are strongly advised to upgrade to the latest version to prevent exploitation. The exploit allows attackers to take over an Ivanti system, potentially affecting other systems and compromising the organization. Despite Ivanti's recent history of security problems, they have responded promptly to this vulnerability. It is also recommended to keep management interfaces protected from the wider web to prevent unauthorized access to the Endpoint Manager.
Affected Version(s)
EPM <= 2022 SU5
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.
News Articles
Ivanti EPM - Remote Code Execution (CVE-2024-29824)
An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary code..
2 months ago
Vulnerability Recap 6/18/24: Patch Tuesday, Ivanti, Pixel
Microsoft Patch Tuesday identifies and fixes more than 50 vulnerabilities, plus Ivanti Endpoint Manager runs into yet another RCE bug.
3 months ago
PoC Exploit Emerges for Critical RCE Bug in Ivanti Endpoint Manager
A new month, a new high-risk Ivanti bug for attackers to exploit — this time, an SQL injection issue in its centralized endpoint manager.
3 months ago
CVSS V3.1
Timeline
- 👾
Exploit exists.
First article discovered by GBHackers on Security
Risk change from: null to: 9.6 - (CRITICAL)
Vulnerability published.
Vulnerability Reserved.