Security News > 2024 > September > Ivanti Releases Urgent Security Updates for Endpoint Manager Vulnerabilities
2024-09-11 06:30
Ivanti has released software updates to address multiple security flaws impacting Endpoint Manager (EPM), including 10 critical vulnerabilities that could result in remote code execution. A brief description of the issues is as follows - CVE-2024-29847 (CVSS score: 10.0) - A deserialization of untrusted data vulnerability that allows a remote unauthenticated attacker to achieve code execution.
News URL
https://thehackernews.com/2024/09/ivanti-releases-urgent-security-updates.html
Related news
- Ivanti Issues Critical Security Updates for CSA and Connect Secure Vulnerabilities (source)
- HPE Issues Critical Security Patches for Aruba Access Point Vulnerabilities (source)
- Microsoft pulls Exchange security updates over mail delivery issues (source)
- Simplifying endpoint security (source)
- AlmaLinux 9.5 released: Security updates, new packages, and more! (source)
- Apple Releases Urgent Updates to Patch Actively Exploited Zero-Day Vulnerabilities (source)
- Decades-Old Security Vulnerabilities Found in Ubuntu's Needrestart Package (source)
- Oracle Linux 9 Update 5 brings security updates, OpenJDK 17, .NET 9.0 (source)
- How to master endpoint security (source)
- Wireshark 4.4.2: Security updates, bug fixes, updated protocol support (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-09-12 | CVE-2024-29847 | Deserialization of Untrusted Data vulnerability in Ivanti Endpoint Manager Deserialization of untrusted data in the agent portal of Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote unauthenticated attacker to achieve remote code execution. | 9.8 |