Security News > 2025 > January > Researcher Uncovers Critical Flaws in Multiple Versions of Ivanti Endpoint Manager
2025-01-16 06:39
Ivanti has rolled out security updates to address several security flaws impacting Avalanche, Application Control Engine, and Endpoint Manager (EPM), including four critical bugs that could lead to information disclosure. All the four critical security flaws, rated 9.8 out of 10.0 on the CVSS scale, are rooted in EPM, and concern absolute path traversal flaws that allow a remote unauthenticated
News URL
https://thehackernews.com/2025/01/researcher-uncovers-critical-flaws-in.html
Related news
- Ivanti endpoint manager can become endpoint ravager, thanks to quartet of critical flaws (source)
- Ivanti Patches Critical Flaws in Connect Secure and Policy Secure – Update Now (source)
- Ivanti fixes three critical flaws in Connect Secure & Policy Secure (source)
- PoC exploit for Ivanti Endpoint Manager vulnerabilities released (CVE-2024-13159) (source)