Ivanti Endpoint Manager Vulnerabilities Allows Attackers To Extract Sensitive Information
Ivanti addressed multiple severe vulnerabilities in its Endpoint Manager (EPM) software, potentially exposing organizations to significant data breaches. The most alarming of these flaws are four critical path traversal vulnerabilities that could allow unauthorized access to sensitive information. The vulnerabilities, identified as CVE-2024-10811, CVE-2024-13161, CVE-2024-13160, and CVE-2024-13159, all carry a CVSS score of 9.8 out […] The post Ivanti Endpoint Manager Vulnerabilities Allows Attackers To Extract Sensitive Information appeared first on Cyber Security News.
Ivanti addressed multiple severe vulnerabilities in its Endpoint Manager (EPM) software, potentially exposing organizations to significant data breaches.
The most alarming of these flaws are four critical path traversal vulnerabilities that could allow unauthorized access to sensitive information.
The vulnerabilities, identified as CVE-2024-10811, CVE-2024-13161, CVE-2024-13160, and CVE-2024-13159, all carry a CVSS score of 9.8 out of 10, indicating their extreme severity.
Here are the specifics of each vulnerability:
CVE Number Description CVSS Score CVE-2024-10811 Absolute path traversal allowing remote attackers to leak sensitive information. 9.8 (Critical) CVE-2024-13161 Absolute path traversal enabling unauthorized access to sensitive files. 9.8 (Critical) CVE-2024-13160 Path traversal vulnerability allowing data leakage by unauthenticated users. 9.8 (Critical) CVE-2024-13159 Path traversal flaw that can be exploited remotely to access confidential information. 9.8 (Critical)
These flaws affect Ivanti EPM versions before the 2024 January 2025 Security Update and the 2022 SU6 January 2025 Security Update.
Each of these vulnerabilities is an absolute path traversal flaw, which allows a remote, unauthenticated attacker to leak sensitive information from affected systems.
Investigate Real-World Malicious Links & Phishing Attacks With Threat Intelligence Lookup - Try for Free
The Common Weakness Enumeration (CWE) associated with these vulnerabilities is CWE-36, which refers to Absolute Path Traversal.
Zach Hanley, a security researcher at Horizon3.ai, is credited with discovering and reporting these vulnerabilities.
While Ivanti states that they are not aware of any exploitation of these vulnerabilities in the wild, the potential for abuse remains high given their critical nature.
In addition to the EPM vulnerabilities, Ivanti has also patched several other products, including Avalanche and the Application Control Engine.
These updates address various high-severity bugs that could allow attackers to bypass authentication, leak sensitive information, and circumvent application-blocking functionality.
The discovery of these vulnerabilities highlights the ongoing challenges in securing enterprise management software.
Endpoint Manager, being a crucial tool for managing device endpoints within a network, presents an attractive target for cybercriminals.
A successful exploit could potentially give attackers access to a wealth of sensitive corporate data and control over managed devices.
Ivanti has urged all customers to apply the patches as soon as possible. The company has provided detailed instructions on how to download and apply the patches in their security advisory.
Organizations using Ivanti EPM are strongly advised to update their systems immediately to mitigate the risk of potential attacks.
Integrating Application Security into Your CI/CD Workflows Using Jenkins & Jira -> Free Webinar
The post Ivanti Endpoint Manager Vulnerabilities Allows Attackers To Extract Sensitive Information appeared first on Cyber Security News.
