CVE-2024-8320

Name of the Vulnerable Software and Affected Versions Ivanti EPM versions prior to 2022 SU6 Ivanti EPM versions prior to the 2024 September update

Description The issue is related to a lack of authentication for a critical function in Ivanti EPM, specifically in Network Isolation. This allows a remote attacker to modify the network isolation status of managed devices without proper authentication. The attacker can spoof the Network Isolation status, potentially leading to unauthorized access or changes to the managed devices.

Recommendations For Ivanti EPM versions prior to 2022 SU6, update to 2022 SU6 or later to resolve the issue. For Ivanti EPM versions prior to the 2024 September update, apply the 2024 September update to fix the issue. As a temporary workaround, consider restricting access to the Network Isolation feature until a patch is available.