Security News > 2025 > February > PoC exploit for Ivanti Endpoint Manager vulnerabilities released (CVE-2024-13159)
2025-02-24 14:11
A proof-of-concept (PoC) exploit for four critical Ivanti Endpoint Manager vulnerabilities has been released by Horizon3.ai researchers. The vulnerabilities – CVE-2024-10811, CVE-2024-13161, CVE-2024-13160 and CVE-2024-13159 – may be exploited by remote, unauthenticated attackers to leverage Ivanti EPM machine account credentials for relay attacks and, ultimately, to compromise the Ivanti EPM server. “Compromising the Endpoint Manager server itself would lead to the ability to compromise all of the EPM clients, making this avenue especially impactful,” Horizon3.ai … More → The post PoC exploit for Ivanti Endpoint Manager vulnerabilities released (CVE-2024-13159) appeared first on Help Net Security.
News URL
#CVE #endpoint #exploit #ivanti #POC #vulnerabilities #CVE-2024-13160 #CVE-2024-13159 #CVE-2024-13161 #CVE-2024-10811
Related news
- Week in review: Botnet hits M365 accounts, PoC for Ivanti Endpoint Manager vulnerabilities released (source)
- Ivanti endpoint manager can become endpoint ravager, thanks to quartet of critical flaws (source)
- MITRE Caldera RCE vulnerability with public PoC fixed, patch ASAP! (CVE-2025–27364) (source)
- CISA Adds Five Actively Exploited Vulnerabilities in Advantive VeraCore and Ivanti EPM to KEV List (source)
- Ongoing Cyber Attacks Exploit Critical Vulnerabilities in Cisco Smart Licensing Utility (source)
- RESURGE Malware Exploits Ivanti Flaw with Rootkit and Web Shell Features (source)
- Russian Hackers Exploit CVE-2025-26633 via MSC EvilTwin to Deploy SilentPrism and DarkWisp (source)
- Attackers are targeting CrushFTP vulnerability with public PoC (CVE-2025-2825) (source)
- Ivanti VPN customers targeted via unrecognized RCE vulnerability (CVE-2025-22457) (source)
- Hackers exploit old FortiGate vulnerabilities, use symlink trick to retain limited access to patched devices (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-01-14 | CVE-2024-13161 | Unspecified vulnerability in Ivanti Endpoint Manager 2021.1.1/2022/2024 Absolute path traversal in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to leak sensitive information. | 7.5 |
| 2025-01-14 | CVE-2024-13160 | Unspecified vulnerability in Ivanti Endpoint Manager 2021.1.1/2022/2024 Absolute path traversal in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to leak sensitive information. | 7.5 |
| 2025-01-14 | CVE-2024-13159 | Unspecified vulnerability in Ivanti Endpoint Manager 2021.1.1/2022/2024 Absolute path traversal in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to leak sensitive information. | 7.5 |
| 2025-01-14 | CVE-2024-10811 | Absolute path traversal in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to leak sensitive information. | 0.0 |