Ivanti Archives • Cybersecurity News

as seen in CVE-2024-29822 through CVE-2024-29827

May 21, 2024

Multiple Critical Vulnerabilities Discovered in Ivanti Endpoint Manager

Ivanti, a prominent provider of IT management and security solutions, has issued urgent security advisories warning of multiple critical vulnerabilities within its Endpoint Manager (EPM) product. These vulnerabilities, if exploited, could grant attackers significant...

Vulnerability

May 17, 2024

Ivanti EPMM CVE-2024-22026 Vulnerability: Potential for Full System Takeover, PoC Published

Ivanti’s Enterprise Mobility Management Platform (EPMM), a widely used mobile device management solution, has been found to contain a high-severity vulnerability (CVE-2024-22026) that could allow attackers to gain full control of affected systems. Identified...

Vulnerability

April 19, 2024

Exploit Code Released for Severe Ivanti Avalanche Vulnerability (CVE-2024-29204)

Exploit code is now available for a critical vulnerability (CVE-2024-29204) that has been identified in Ivanti Avalanche, a widely deployed mobile device management (MDM) solution used by enterprises. This flaw, rated 9.8 on the...

Vulnerability

January 10, 2024

Ivanti’s Critical Security Alert: Two Zero-Days Exploited in the Wild

Ivanti, a well-known software company, has revealed two critical zero-day vulnerabilities in its Connect Secure and Policy Secure products. These vulnerabilities are already exploited by attackers. The first of these vulnerabilities, labeled CVE-2023-46805 and...

Vulnerability

January 4, 2024

CVE-2023-39336: Ivanti Addresses Major RCE Vulnerability

Ivanti, a renowned name in IT asset and systems management, has addressed a severe security loophole in its Endpoint Management software (EPM). This fix is a crucial step in safeguarding over 40,000 companies worldwide...

Vulnerability

August 21, 2023

CVE-2023-38035: Ivanti Sentry API Authentication Bypass Vulnerability Being Exploited in the Wild

Ivanti, a US-based IT software company, has warned customers that a critical vulnerability in its Sentry API is being exploited in the wild. The vulnerability, tracked as CVE-2023-38035, allows unauthenticated attackers to gain access...

Vulnerability

August 3, 2023

CVE-2023-35082: Critical Security Vulnerability in MobileIron Core

IT software company Ivanti has disclosed a new critical security vulnerability in its MobileIron Core mobile device management software. Tagged as CVE-2023-35082, this vulnerability is not to be taken lightly. In fact, it scored the...