CVE-2024-13159

Name of the Vulnerable Software and Affected Versions Ivanti EPM versions before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update

Description The issue is related to absolute path traversal in Ivanti EPM, allowing a remote unauthenticated attacker to leak sensitive information. Attackers could compromise servers via relay attacks. A proof-of-concept (PoC) exploit has been released, and researchers have revealed technical details on credential coercion vulnerabilities. It is estimated that 73 vulnerable targets have been identified.

Recommendations For Ivanti EPM versions before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update, patch urgently to fix the vulnerability. As a temporary workaround, consider restricting access to sensitive information and disabling any features that may be exploited via relay attacks until a patch is available.