Together with this flaw, Ivanti has addressed numerous other bugs, including a number of critical severity vulnerabilities in Ivanti EPM, Workspace Control (IWC), and Cloud Service Appliance (CSA).

Ivanti fixed a critical remote code execution (RCE) vulnerability in its Endpoint Management software (EPM) that can let unauthenticated attackers hijack enrolled devices or the core server.

Ivanti released security updates to patch this security flaw in May, when it also addressed five other remote code execution bugs in EPM's Core server, all impacting Ivanti EPM 2022 SU5 and prior.

The three vulnerabilities, tracked as CVE-2024-13159, CVE-2024-13160, and CVE-2024-13161 are described by Ivanti as absolute path traversals and were part of a larger patch that addressed four ...

A vulnerability patched in the Ivanti Endpoint Manager (EPM), an asset monitoring solution for enterprises, could potentially allow managed devices to be hijacked. Users are advised to deploy the ...

Also known as the Ivanti EPM, the software runs on a variety of platforms, including Windows, macOS, Linux, Chrome OS, and Internet of Things devices such as routers.

The remote code execution flaw in Ivanti Endpoint Manager (EPM), a tool that helps organizations manage and secure their fleets of employee devices, was first disclosed by Trend Micro’s Zero Day ...

Ivanti EPM is dealing with a critical SQL injection vulnerability that affected all its supported versions. The issue has been resolved in Ivanti EPM 2022 Service Update 5. This software is used ...

CISA urges organizations to address the remote code execution vulnerability affecting Ivanti EPM. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) Wednesday urged organizations to ...