Security News > 2025 > January > Researcher Uncovers Critical Flaws in Multiple Versions of Ivanti Endpoint Manager
2025-01-16 06:39
Ivanti has rolled out security updates to address several security flaws impacting Avalanche, Application Control Engine, and Endpoint Manager (EPM), including four critical bugs that could lead to information disclosure. All the four critical security flaws, rated 9.8 out of 10.0 on the CVSS scale, are rooted in EPM, and concern absolute path traversal flaws that allow a remote unauthenticated
News URL
https://thehackernews.com/2025/01/researcher-uncovers-critical-flaws-in.html
Related news
- Week in review: Botnet hits M365 accounts, PoC for Ivanti Endpoint Manager vulnerabilities released (source)
- CISA tags critical Ivanti EPM flaws as actively exploited in attacks (source)
- Researchers Uncover 46 Critical Flaws in Solar Power Systems From Sungrow, Growatt, and SMA (source)
- OpenAI now pays researchers $100,000 for critical vulnerabilities (source)
- Critical Ivanti Flaw Actively Exploited to Deploy TRAILBLAZE and BRUSHFIRE Malware (source)