PT-2024-4017 · Ivanti · Ivanti Endpoint Manager

Published: 2024-04-03 · Updated: 2026-03-31 · CVE-2024-29824
CVSS v3.1: 10 (Critical)
Vector: AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Ivanti Endpoint Manager versions 2022 SU5 and prior
Description: An unspecified SQL injection vulnerability in the Core server of Ivanti Endpoint Manager allows an unauthenticated attacker on the same (adjacent) network to execute arbitrary code remotely. The vulnerability is actively exploited by malicious actors, carries a CVSS score of 9.6, and federal agencies are advised to patch by a specific date.
Recommendations: For Ivanti Endpoint Manager versions 2022 SU5 and prior, apply the patch released by Ivanti that fixes the SQL injection vulnerability. Until the patch is applied, restrict network access to the vulnerable Core server as a temporary workaround, and follow general security best practices to minimize the risk of exploitation.

Exploit · Fix · SQL injection

Weakness Enumeration

Related Identifiers
BDU:2024-04450
CVE-2024-29824
ZDI-24-507

Affected Products
Ivanti Endpoint Manager