CVE-2024-7612

Name of the Vulnerable Software and Affected Versions Ivanti EPMM versions prior to 12.1.0.4

Description Insecure permissions in Ivanti EPMM allow a local authenticated attacker to modify sensitive application components or access and modify sensitive configuration files without proper authorization.

Recommendations For versions prior to 12.1.0.4, update to version 12.1.0.4 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive application components and configuration files to minimize the risk of exploitation.