Ivanti Endpoint Manager SQLi Vulnerability Allows Remote Code Execution

by Esmeralda McKenzie
Ivanti Endpoint Manager SQLi Vulnerability Allows Remote Code Execution

Ivanti Endpoint Manager SQLi Vulnerability Allows Remote Code Execution

Ivanti Endpoint Manager SQLi Vulnerability Permits Some distance away Code Execution

A severe security flaw, CVE-2024-37381, has been came upon in the Ivanti Endpoint Manager (EPM) 2024 flat. The vulnerability is an unspecified SQL injection flaw in the core server ingredient of EPM, potentially allowing attackers to total arbitrary code on affected techniques.

The vulnerability has been assigned a CVSS receive of 8.4, indicating its excessive severity. An authenticated attacker inner the identical network can exploit this vulnerability to total arbitrary code on the affected system.

EHA

Ivanti has launched a Security Hot Patch to address this set. The patch is specifically designed for the EPM 2024 flat and involves up to date DLL recordsdata that must be establish in on the Core Server.

To put together the patch, directors must download the Security Hot Patch recordsdata, which consist of PatchApi.dll and MBSDKService.dll. These recordsdata must calm be ancient to interchange the fashioned DLLs in voice locations on the EPM Core Server. After installation, a system reboot or IIS reset is required for the modifications to rob enact.

It’s indispensable to gift that Ivanti said they weren’t mindful of any prospects being exploited by this vulnerability at the time of disclosure. Then all over again, given the doable affect of the flaw, it’s strongly urged that affected organizations put together the patch as rapidly as likely.

For organizations fascinated by doable compromise, Ivanti has licensed that there are presently no known public exploitations of this vulnerability that could well supply a checklist of indicators of compromise.

This security set is no longer conception about a “present chain assault,” as Ivanti has came upon no indication that the vulnerability used to be maliciously presented into their code model job.

Directors are urged to have a study the patch’s winning application by confirming the hashes of the up to date DLL recordsdata against these equipped in Ivanti’s security advisory.

As constantly, organizations the employ of Ivanti Endpoint Manager must calm cease informed about security updates and put together them promptly to wait on the protection of their techniques.

To have a study if your Ivanti Endpoint Manager (EPM) is up-to-date, it’s likely you’ll well presumably put together these steps:

To verify essentially the most in model model, Initiate the Core Server Activation utility and click on on Licenses. This could well gift your entire versions assigned to your credentials.

You would consult with Cyber Press about a patch to Patch (CVE-2024-37381) Ivanti Endpoint Manager SQLi vulnerability.

Source credit : cybersecuritynews.com

Related Posts