Ivanti Issues Critical Updates for EPM Flaws

Lilu Anderson

Ivanti Addresses Critical Security Vulnerabilities in Endpoint Manager

Ivanti, a prominent software company known for its IT management solutions, has released urgent security updates to address significant vulnerabilities in its Endpoint Manager (EPM). The updates fix 10 critical security flaws that could lead to remote code execution, a situation where an attacker can run malicious code on a user's device without permission.

Understanding the Vulnerabilities

One of the most alarming vulnerabilities, tracked as CVE-2024-29847, received the maximum severity score of 10.0 on the CVSS scale. This flaw involves deserialization of untrusted data: the application rebuilds objects from data supplied by an attacker, and harmful data sent to the system can trick it into executing unauthorized actions. Imagine receiving a harmful email attachment that, when opened, could take control of your computer. That gives a sense of the danger posed by such a vulnerability.

Additionally, nine other vulnerabilities, identified as CVE-2024-32840 through CVE-2024-34785, are addressed. These are SQL injection vulnerabilities. SQL injections are like giving a stranger access to your filing cabinet, allowing them to access or even change confidential information. These flaws particularly affect those with admin privileges, making it even more critical to update.

Affected Versions and Solutions

The affected EPM versions are 2024 and 2022 SU5 and earlier. Ivanti has provided fixes in the 2024 SU1 and 2022 SU6 versions. Users are strongly advised to update their systems to these latest versions to ensure protection. Although there is no current evidence of these vulnerabilities being exploited as zero-days, delaying the update could leave systems vulnerable to potential attacks.
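The version boundaries above can be applied to an asset inventory to find EPM servers that still need the update. The following Python is an added example, not code from Ivanti or the original article; the version label format, the hostnames, and the treatment of release lines older than 2022 as affected are assumptions.

```python
import re

# Fixed service-update (SU) level per EPM release line, as given in the article.
FIXED_SU = {2022: 6, 2024: 1}
OLDEST_LISTED = min(FIXED_SU)

# Assumed label format: "2022 SU5", "EPM 2024", "2024 su1" (constructed convention).
_LABEL = re.compile(r"^\s*(?:EPM\s+)?(\d{4})(?:\s+SU\s*(\d+))?\s*$", re.IGNORECASE)


def classify(label):
    """Return 'fixed', 'affected' or 'unknown' for one version label."""
    m = _LABEL.match(label or "")
    if not m:
        return "unknown"  # unparseable: needs a human, never assume patched
    year, su = int(m.group(1)), int(m.group(2) or 0)  # bare "2024" means no SU
    if year < OLDEST_LISTED:
        return "affected"  # assumption: "and earlier" covers older release lines
    if year not in FIXED_SU:
        return "unknown"  # release line the article does not mention
    return "fixed" if su >= FIXED_SU[year] else "affected"


def needs_action(inventory):
    """Map host -> status for every host that is not confirmed fixed."""
    statuses = {host: classify(label) for host, label in inventory.items()}
    return {h: s for h, s in sorted(statuses.items()) if s != "fixed"}


# Constructed sample inventory; hostnames and labels are hypothetical.
SAMPLE_INVENTORY = {
    "epm-core-01": "2022 SU5",
    "epm-core-02": "EPM 2024",
    "epm-core-03": "2024 SU1",
    "epm-core-04": "2022 su6",
    "epm-lab-01": "2021.1 SU3",
    "epm-lab-02": "2020",
}

if __name__ == "__main__":
    for host, status in needs_action(SAMPLE_INVENTORY).items():
        print(f"{host}: {status} ({SAMPLE_INVENTORY[host]})")
```

Hosts reported as unknown are kept in the action list on purpose, so a label the parser cannot read is never counted as patched.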

Additional Security Enhancements

Alongside these updates for EPM, Ivanti has also released patches for seven high-severity vulnerabilities in other products, such as Ivanti Workspace Control and Ivanti Cloud Service Appliance. The company has improved its internal mechanisms to better detect and resolve security issues, highlighting its commitment to user safety.

Zyxel's Critical Update

On a related note, Zyxel, a tech company providing networking solutions, has also released an urgent fix for a critical OS command injection vulnerability (CVE-2024-6342). This affects specific network-attached storage (NAS) devices, namely NAS326 and NAS542. Users of these devices should immediately apply the provided hotfixes to secure their systems from potential exploitation.

Ivanti's and Zyxel's responses underscore the importance of regular updates and patches to safeguard against evolving cyber threats. It's a timely reminder to all tech users to remain vigilant and proactive in maintaining the security of their systems.
