Critical Ivanti RCE flaw with public exploit now used in attacks


CISA warned today that a critical Ivanti vulnerability that can let threat actors gain remote code execution on vulnerable Endpoint Manager (EPM) appliances is now actively exploited in attacks.

Ivanti EPM is an all-in-one endpoint management solution that helps admins manage client devices on various platforms, including Windows, macOS, Chrome OS, and IoT operating systems.

Tracked as CVE-2024-29824, this SQL injection vulnerability in Ivanti EPM’s Core server can be exploited by unauthenticated attackers within the same network to execute arbitrary code on unpatched systems.

Ivanti released security updates to patch this security flaw in May, when it also addressed five other remote code execution bugs in EPM’s Core server, all impacting Ivanti EPM 2022 SU5 and prior.

Horizon3.ai security researchers published a CVE-2024-29824 deep dive in June and released a proof-of-concept exploit on GitHub that can be used to “blindly execute commands on vulnerable Ivanti EPM appliances.”

They also advised admins looking for signs of potential exploitation on their appliances to review MS SQL logs for evidence of xp_cmdshell being used to obtain command execution.
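One way to start that log review, as an added example (not code from Horizon3.ai, Ivanti, or the original article): a scan of SQL Server ERRORLOG lines for the message the server records when `sp_configure` changes `xp_cmdshell`. The sample lines, timestamps, and session IDs are constructed, and the severity labels are this example's own convention.

```python
import re
from typing import NamedTuple

# Message SQL Server writes to its ERRORLOG when sp_configure changes an option.
CONFIG_CHANGE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}\.\d{2})\s+(?P<session>\S+)\s+"
    r"Configuration option '(?P<option>[^']+)' changed from (?P<old>\d+) to (?P<new>\d+)\."
)

class Finding(NamedTuple):
    timestamp: str
    session: str
    option: str
    old: int
    new: int
    severity: str

def classify(option, old, new):
    """Rank a change; None means the option is unrelated to xp_cmdshell."""
    if option == "xp_cmdshell":
        # 0 -> 1 switches command execution on; any other touch still merits review.
        return "high" if (old, new) == (0, 1) else "medium"
    if option == "show advanced options" and new == 1:
        return "info"  # must be on before sp_configure can change xp_cmdshell
    return None

def scan_errorlog(lines):
    """Return a Finding for every xp_cmdshell-related configuration change."""
    findings = []
    for line in lines:
        m = CONFIG_CHANGE.match(line.strip())
        if not m:
            continue
        option, old, new = m["option"].lower(), int(m["old"]), int(m["new"])
        severity = classify(option, old, new)
        if severity:
            findings.append(Finding(m["ts"], m["session"], option, old, new, severity))
    return findings

# Constructed sample input, not taken from a real appliance.
SAMPLE = [
    "2024-10-02 09:14:02.31 spid61      Configuration option 'show advanced options' changed from 0 to 1. Run the RECONFIGURE statement to install.",
    "2024-10-02 09:14:02.35 spid61      Configuration option 'xp_cmdshell' changed from 0 to 1. Run the RECONFIGURE statement to install.",
    "2024-10-02 09:14:09.80 spid61      Configuration option 'xp_cmdshell' changed from 1 to 0. Run the RECONFIGURE statement to install.",
    "2024-10-02 09:20:00.00 spid12s     Starting up database 'tempdb'.",
    "2024-10-02 09:21:00.10 spid70      Configuration option 'max degree of parallelism' changed from 0 to 4. Run the RECONFIGURE statement to install.",
]

if __name__ == "__main__":
    for f in scan_errorlog(SAMPLE):
        print(f"[{f.severity}] {f.timestamp} {f.session}: {f.option} {f.old} -> {f.new}")
```

An empty result does not clear a host: this message is only written when the option changes, so an instance where `xp_cmdshell` was already enabled produces no such line.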

Today, Ivanti updated the original security advisory to state that it “has confirmed exploitation of CVE-2024-29824 in the wild.”

“At the time of this update, we are aware of a limited number of customers who have been exploited,” the company added.

Federal agencies ordered to patch within three weeks

On Tuesday, CISA followed suit and added the Ivanti EPM RCE flaw to its Known Exploited Vulnerabilities catalog, tagging it as actively exploited.

Federal Civilian Executive Branch (FCEB) agencies now must secure vulnerable appliances within three weeks, by October 23, as required by Binding Operational Directive (BOD) 22-01.

While CISA’s KEV catalog is primarily designed to alert federal agencies of vulnerabilities they should patch as soon as possible, organizations worldwide should also prioritize patching this vulnerability to block ongoing attacks.

Multiple Ivanti vulnerabilities have been exploited as zero-day flaws in widespread attacks in recent months, targeting the company’s VPN appliances and ICS, IPS, and ZTA gateways.

Last month, Ivanti warned that threat actors were chaining two recently fixed Cloud Services Appliance (CSA) vulnerabilities to attack unpatched appliances.

In response, Ivanti announced in September that it’s working to improve its responsible disclosure process and testing capabilities to address such security threats more quickly.

Ivanti partners with over 7,000 organizations to deliver system and IT asset management solutions to more than 40,000 companies globally.

Sergiu Gatlan
