Security News > 2024 > October > Critical Ivanti RCE flaw with public exploit now used in attacks

Critical Ivanti RCE flaw with public exploit now used in attacks

2024-10-02 18:55

CISA warned today that a critical Ivanti vulnerability that can let threat actors gain remote code execution on vulnerable Endpoint Manager (EPM) appliances is now actively exploited in attacks. [...]

News URL

https://www.bleepingcomputer.com/news/security/critical-ivanti-rce-flaw-with-public-exploit-now-used-in-attacks/

#attack #critical #exploit #ivanti #RCE

Related news

CISA tags critical Ivanti EPM flaws as actively exploited in attacks (source)
Critical PHP RCE vulnerability mass exploited in new attacks (source)
Critical RCE flaw in Apache Tomcat actively exploited in attacks (source)
Ongoing Cyber Attacks Exploit Critical Vulnerabilities in Cisco Smart Licensing Utility (source)
Critical Erlang/OTP SSH pre-auth RCE is 'Surprisingly Easy' to exploit, patch now (source)
Critical Erlang/OTP SSH RCE bug now has public exploits, patch now (source)
Craft CMS RCE exploit chain used in zero-day attacks to steal data (source)
Hackers Exploit Paragon Partition Manager Driver Vulnerability in Ransomware Attacks (source)
Hackers Exploit AWS Misconfigurations to Launch Phishing Attacks via SES and WorkMail (source)
PHP-CGI RCE Flaw Exploited in Attacks on Japan's Tech, Telecom, and E-Commerce Sectors (source)

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Ivanti		29	1	56	184	81	322

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.