{"id":5622,"date":"2024-10-03T16:19:32","date_gmt":"2024-10-03T21:19:32","guid":{"rendered":"https:\/\/www.darkreading.com\/threat-intelligence\/cisa-high-severity-ivanti-vulnerability-kev-catalog"},"modified":"2024-10-03T16:19:32","modified_gmt":"2024-10-03T21:19:32","slug":"cisa-adds-high-severity-ivanti-vulnerability-to-kev-catalog","status":"publish","type":"post","link":"https:\/\/ddi.mohflo.net\/index.php\/2024\/10\/03\/cisa-adds-high-severity-ivanti-vulnerability-to-kev-catalog\/","title":{"rendered":"CISA Adds High-Severity Ivanti Vulnerability to KEV Catalog"},"content":{"rendered":"<div class=\"media_block\"><a href=\"https:\/\/i0.wp.com\/eu-images.contentstack.com\/v3\/assets\/blt6d90778a997de1cd\/bltd9b08855aef87258\/66edccd58bba4154e9b0146c\/ivanti1800_Kristoffer_Tripplaar_alamy.jpg?ssl=1\"><img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/10\/cisa-adds-high-severity-ivanti-vulnerability-to-kev-catalog.jpg?w=640&#038;ssl=1\" class=\"media_thumbnail\"><\/a><\/div>\n<div><img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/10\/cisa-adds-high-severity-ivanti-vulnerability-to-kev-catalog.jpg?w=640&#038;ssl=1\" class=\"ff-og-image-inserted\"><\/div>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">One of the latest vulnerabilities that the Cybersecurity and Infrastructure Security Agency has added to the Known Exploited Vulnerabilities Catalog is <\/span><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"><a class=\"ContentText-BodyTextChunk ContentText-BodyTextChunk_link\" target=\"_blank\" href=\"https:\/\/www.darkreading.com\/application-security\/poc-exploit-critical-rce-bug-ivanti-endpoint-manager\" rel=\"noopener\">CVE-2024-29824<\/a><\/span><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">, found in the Ivanti Endpoint Manager.<\/span><\/p>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">The vulnerability is described as an SQL Injection vulnerability in the core server of Ivanti EPM 2022 SU5 and its prior models. It allows an unauthenticated attacker within the network to execute arbitrary code.&nbsp;<\/span><\/p>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">Because of its high risk, its CVSS score is a critical 9.6.<\/span><\/p>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">On Oct. 1, Ivanti updated its security advisory to reflect that the vulnerability had been exploited in the wild.&nbsp; &#8220;At the time of this update, we are aware of a limited number of customers who have been exploited,&#8221; according to Ivanti&#8217;s advisory.<\/span><\/p>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"><a class=\"ContentText-BodyTextChunk ContentText-BodyTextChunk_link\" target=\"_blank\" href=\"https:\/\/www.darkreading.com\/threat-intelligence\/ivanti-cloud-bug-exploit-alarms-raised\" rel=\"noopener\">Ivanti<\/a><\/span><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"> released security updates to patch this flaw in May, alongside several other bugs found in EPM&#8217;s core server.<\/span><\/p>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">&#8220;Exploiting this flaw could have serious consequences, such as data breaches, disruption of business operations, and further compromise of internal systems,&#8221; Eric Schwake, director of cybersecurity strategy at Salt Security, wrote in an emailed statement. &#8220;Organizations using Ivanti EPM should prioritize patching their systems immediately and conduct thorough security assessments to detect and mitigate potential compromise. This situation emphasizes the critical importance of proactive vulnerability management and timely patching to protect against evolving threats.&#8221;<\/span><\/p>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">Customers can find information to&nbsp;<\/span><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"><a class=\"ContentText-BodyTextChunk ContentText-BodyTextChunk_link\" target=\"_blank\" href=\"https:\/\/forums.ivanti.com\/s\/article\/Avalanche-6-4-3-602-additional-security-hardening-and-CVE-fixed?language=en_US\" rel=\"noopener\">patch the vulnerability<\/a><\/span><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">&nbsp;on Ivanti\u2019s website.<\/span><\/p>\n<p><a href=\"https:\/\/www.darkreading.com\/threat-intelligence\/cisa-high-severity-ivanti-vulnerability-kev-catalog\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>One of the latest vulnerabilities that the Cybersecurity and Infrastructure<\/p>\n","protected":false},"author":12,"featured_media":5623,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[1],"tags":[809],"class_list":["post-5622","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorized","tag-dark-reading"],"featured_image_urls":{"full":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/10\/cisa-adds-high-severity-ivanti-vulnerability-to-kev-catalog-scaled.jpg?fit=2560%2C1440&ssl=1",2560,1440,false],"thumbnail":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/10\/cisa-adds-high-severity-ivanti-vulnerability-to-kev-catalog-scaled.jpg?resize=150%2C150&ssl=1",150,150,true],"medium":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/10\/cisa-adds-high-severity-ivanti-vulnerability-to-kev-catalog-scaled.jpg?fit=300%2C169&ssl=1",300,169,true],"medium_large":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/10\/cisa-adds-high-severity-ivanti-vulnerability-to-kev-catalog-scaled.jpg?fit=640%2C360&ssl=1",640,360,true],"large":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/10\/cisa-adds-high-severity-ivanti-vulnerability-to-kev-catalog-scaled.jpg?fit=640%2C360&ssl=1",640,360,true],"1536x1536":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/10\/cisa-adds-high-severity-ivanti-vulnerability-to-kev-catalog-scaled.jpg?fit=1536%2C864&ssl=1",1536,864,true],"2048x2048":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/10\/cisa-adds-high-severity-ivanti-vulnerability-to-kev-catalog-scaled.jpg?fit=2048%2C1152&ssl=1",2048,1152,true],"chromenews-featured":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/10\/cisa-adds-high-severity-ivanti-vulnerability-to-kev-catalog-scaled.jpg?fit=1024%2C576&ssl=1",1024,576,true],"chromenews-large":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/10\/cisa-adds-high-severity-ivanti-vulnerability-to-kev-catalog-scaled.jpg?resize=825%2C575&ssl=1",825,575,true],"chromenews-medium":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/10\/cisa-adds-high-severity-ivanti-vulnerability-to-kev-catalog-scaled.jpg?resize=590%2C410&ssl=1",590,410,true]},"author_info":{"display_name":"Dark Reading","author_link":"https:\/\/ddi.mohflo.net\/index.php\/author\/darkreading\/"},"category_info":"<a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/uncategorized\/\" rel=\"category tag\">Uncategorized<\/a>","tag_info":"Uncategorized","comment_count":"0","jetpack_featured_media_url":"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/10\/cisa-adds-high-severity-ivanti-vulnerability-to-kev-catalog-scaled.jpg?fit=2560%2C1440&ssl=1","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/5622","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/users\/12"}],"replies":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/comments?post=5622"}],"version-history":[{"count":0,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/5622\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media\/5623"}],"wp:attachment":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media?parent=5622"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/categories?post=5622"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/tags?post=5622"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}