Unauthenticated SQL Injection Vulnerability Affects Ivanti EPM

Summary

The vulnerability CVE-2024-29824 is an unauthenticated SQL injection vulnerability affecting Ivanti EPM 2022 SU5 and earlier. It allows unauthenticated attackers within the same network to execute arbitrary code, earning it a critical 9.8 out of 10 CVSS score. A proof-of-concept exploit has been developed for this vulnerability and has been published by researchers. Ivanti has responded to the issue by promptly releasing a patch for CVE-2024-29824 on May 24, and organizations are strongly advised to upgrade to the latest version to prevent exploitation. The exploit allows attackers to take over an Ivanti system, potentially affecting other systems and compromising the organization. Despite Ivanti's recent history of security problems, they have responded promptly to this vulnerability. It is also recommended to keep management interfaces protected from the wider web to prevent unauthorized access to the Endpoint Manager.

News Articles

Pentest-Tools.com

CVE-2024-29824

Ivanti EPM - Remote Code Execution (CVE-2024-29824)

An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary code..

2 months ago

eSecurity Planet

CVE-2024-29824CVE-2024-4577

Vulnerability Recap 6/18/24: Patch Tuesday, Ivanti, Pixel

Microsoft Patch Tuesday identifies and fixes more than 50 vulnerabilities, plus Ivanti Endpoint Manager runs into yet another RCE bug.

3 months ago

CVE-2024-29824

PoC Exploit Emerges for Critical RCE Bug in Ivanti Endpoint Manager

A new month, a new high-risk Ivanti bug for attackers to exploit — this time, an SQL injection issue in its centralized endpoint manager.

3 months ago

More News...