Security News > 2025 > March > CISA tags critical Ivanti EPM flaws as actively exploited in attacks

CISA tags critical Ivanti EPM flaws as actively exploited in attacks

2025-03-11 13:01

CISA warned U.S. federal agencies to secure their networks against attacks exploiting three critical vulnerabilities affecting Ivanti Endpoint Manager (EPM) appliances. [...]

News URL

https://www.bleepingcomputer.com/news/security/cisa-tags-critical-ivanti-epm-flaws-as-actively-exploited-in-attacks/

#attack #cisa #critical #ivanti

Related news

Researcher Uncovers Critical Flaws in Multiple Versions of Ivanti Endpoint Manager (source)
CISA: Hackers still exploiting older Ivanti bugs to breach networks (source)
Zyxel CPE devices under attack via critical vulnerability without a patch (CVE-2024-40891) (source)
CISA and FDA Warn of Critical Backdoor in Contec CMS8000 Patient Monitors (source)
CISA tags Microsoft .NET and Apache OFBiz bugs as exploited in attacks (source)
CISA orders agencies to patch Linux kernel bug exploited in attacks (source)
Critical RCE bug in Microsoft Outlook now exploited in attacks (source)
Ivanti Patches Critical Flaws in Connect Secure and Policy Secure – Update Now (source)
Ivanti fixes three critical flaws in Connect Secure & Policy Secure (source)
Critical PostgreSQL bug tied to zero-day attack on US Treasury (source)

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Ivanti		29	1	56	177	79	313

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.