Ivanti

  • Blog
    digitpatrox2 weeks ago
    26

    Ivanti warns of maximum severity CSA auth bypass vulnerability

    Today, Ivanti warned customers about a new maximum-severity authentication bypass vulnerability in its Cloud Services Appliance (CSA) solution. The security flaw (tracked as CVE-2024-11639 and reported by CrowdStrike’s Advanced Research Team) enables remote attackers to gain administrative privileges on vulnerable appliances running Ivanti CSA 5.0.2 or earlier without requiring authentication or user interaction by circumventing authentication using an alternate path…

    Read More »
  • Blog
    digitpatroxOctober 3, 2024
    66

    Critical Ivanti RCE flaw with public exploit now used in attacks

    CISA warned today that a critical Ivanti vulnerability that can let threat actors gain remote code execution on vulnerable Endpoint Manager (EPM) appliances is now actively exploited in attacks. Ivanti EPM is an all-in-one endpoint management solution that helps admins manage client devices on various platforms, including Windows, macOS, Chrome OS, and IoT operating systems. Tracked as CVE-2024-29824, this SQL Injection vulnerability in…

    Read More »
Back to top button
close