Ivanti Endpoint Manager SQL Injection Flaw Let Attackers Execute Arbitrary Code

by Esmeralda McKenzie
Ivanti Endpoint Manager SQL Injection Flaw Let Attackers Execute Arbitrary Code

Ivanti Endpoint Manager SQL Injection Flaw Let Attackers Execute Arbitrary Code

Ivanti Endpoint Supervisor SQL Injection Flaw Let Attackers Personal Arbitrary Code

Extra than one vulnerabilities bright SQL injection occupy been identified in Ivanti Endpoint Supervisor.

These vulnerabilities may perhaps doubtlessly enable malicious actors to enact varied unauthorized actions, including initiating Denial of Provider assaults and executing arbitrary code on affected systems.

With out a doubt one of many vulnerabilities chanced on was a SQL injection vulnerability in Ivanti Neurons for ITSM, while the rest had been chanced on within the Ivanti Endpoint Supervisor (EPM).

The severity of these vulnerabilities ranges from 8.4 (Excessive) to 9.6 (Predominant).

Vulnerability Evaluation – SQL Injections

Primarily based on the advisory, there occupy been 11 SQL injection vulnerabilities identified, which had been given the CVEs as

  • CVE-2024-22059 – 9.6 (Predominant)
  • CVE-2024-29822 – 9.6 (Predominant)
  • CVE-2024-29823 – 9.6 (Predominant)
  • CVE-2024-29824 – 9.6 (Predominant)
  • CVE-2024-29825 – 9.6 (Predominant)
  • CVE-2024-29826 – 9.6 (Predominant)
  • CVE-2024-29827 – 8.4 (Excessive)
  • CVE-2024-29828 – 8.4 (Excessive)
  • CVE-2024-29829 – 8.4 (Excessive)
  • CVE-2024-29830 – 8.4 (Excessive) and
  • CVE-2024-29846 – 8.4 (Excessive)

Amongst these SQL injection vulnerabilities, six had a 9.6 (Predominant) severity.

These vulnerabilities had been because of an unspecified SQL injection flaw within the Core server of Ivanti EPM 2022 SU5 and prior versions, which permits an unauthenticated attacker on the same community to lift out arbitrary code on the vulnerable instances.

The assorted five vulnerabilities had an 8.4 (Excessive) severity, which additionally existed because of a an identical unspecified SQL injection flaw nonetheless require an authentication that will perhaps enable an authenticated attacker on the same community to lift out arbitrary code on the vulnerable event.

On the opposite hand, Customers of Ivanti Endpoint Supervisor are beneficial to upgrade to essentially the most in style versions to prevent threat actors from exploiting these SQL injection vulnerabilities.

Source credit : cybersecuritynews.com

Related Posts