www.belgium.be Logo of the federal government

WARNING: CRITICAL VULNERABILITIES IN IVANTI ENDPOINT MANAGER (EPM) SOFTWARE, PATCH IMMEDIATELY!

Reference: 
Advisory #2024-74
Version: 
1.0
Affected software: 
Ivanti Endpoint Manager (EPM) 2022 SU5 Core server
Type: 
Unspecified SQL Injection vulnerabilities
CVE/CVSS: 

CVE-2024-29822 until CVE-2024-29827: CVSS 9.6 (CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)

CVE-2024-29828 until CVE-2024-29830 + CVE-2024-29846: CVSS 8.4 (CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H)

Sources

Risks

Successful exploitation of vulnerabilities CVE-2024-29822 until CVE-2024-29827 (CVSS 9.6) could allow an unauthenticated attacker within the same network to execute arbitrary code.

Similarly, successful exploitation of vulnerabilities CVE-2024-29828 until CVE-2024-29830 + CVE-2024-29846 (CVSS 8.4) could allow an authenticated attacker within the same network to execute arbitrary code.

The described vulnerabilities impact Ivanti Endpoint Manager (EPM) versions 2022 SU5 and earlier.

At the time of disclosure, no known exploits existed.

The Centre for Cybersecurity Belgium warned in the past for similar vulnerabilities in the same software.

Description

Said vulnerabilities are SQL injection vulnerabilities, allowing an attacker to execute malicious SQL queries to the underlying database.  In this case, successful exploitation could lead to remote code execution (RCE).

Recommended Actions

Patch

The Centre for Cybersecurity Belgium strongly recommends installing updates for vulnerable devices with the highest priority, after thorough testing.

Monitor/Detect

The CCB recommends organizations upscale monitoring and detection capabilities to identify any related suspicious activity, ensuring a swift response in case of an intrusion.

In case of an intrusion, you can report an incident via: https://cert.be/en/report-incident
 
While patching appliances or software to the newest version may provide safety from future exploitation, it does not remediate historic compromise.

References