Ivanti fixed a critical remote code execution vulnerability in its Endpoint Management software that can let unauthenticated attackers hijack enrolled devices or the core server.
Ivanti EPM helps manage client devices running a wide range of platforms, from Windows and macOS to Chrome OS and IoT operating systems.
The security flaw impacts all supported Ivanti EPM versions, and it has been resolved in version 2022 Service Update 5.
Attackers with access to a target's internal network can exploit the vulnerability in low-complexity attacks that don't require privileges or user interaction.
The company says it has no evidence that its customers have been affected by attackers exploiting this vulnerability.
Currently, Ivanti blocks public access to an advisory containing full CVE-2023-39366 details, likely to provide customers with more time to secure their devices before threat actors can create exploits using the additional information.
In July, state-affiliated hackers used two zero-day flaws in Ivanti's Endpoint Manager Mobile, formerly MobileIron Core, to infiltrate the networks of multiple Norwegian government organizations.
A third zero-day in Ivanti's Sentry software was exploited in attacks one month later.
The company also patched over a dozen critical security vulnerabilities in its Avalanche enterprise mobile device management solution in December and August.
Ivanti's products are used by more than 40,000 companies globally to manage their IT assets and systems.
This Cyber News was published on www.bleepingcomputer.com. Publication date: Thu, 04 Jan 2024 21:40:06 +0000