Skip to main content

Public advisory of scammers impersonating CSA and the SPF

Stay vigilant. Read the public advisory

Cyber Security Agency of Singapore
  1. Home
  2. Alerts & Advisories
  3. Alerts
  4. Critical Vulnerability in Ivanti's Endpoint Manager
Alerts

Critical Vulnerability in Ivanti's Endpoint Manager

13 September 2024

Ivanti has released security updates to address a critical vulnerability (CVE-2024-29847) affecting their Endpoint Manager. This vulnerability has a Common Vulnerability Scoring System (CVSSv3) score of 10 out of 10.

Successful exploitation of the deserialisation of this untrusted data vulnerability could allow an unauthenticated attacker to perform remote code execution. 

The vulnerability affects the following product versions:

  • Ivanti Endpoint Manager 2024

  • Ivanti Endpoint Manager 2022 SU5 and earlier

Users and administrators of affected product versions are advised to update to the latest version immediately.

More information is available here:

https://forums.ivanti.com/s/article/Security-Advisory-EPM-September-2024-for-EPM-2024-and-EPM-2022?language=en

https://thehackernews.com/2024/09/ivanti-releases-urgent-security-updates.html

Back to top