Powered by MOMENTUM MEDIA
cyber daily logo
Breaking news and updates daily. Subscribe to our Newsletter

Threat actors are actively exploiting a critical vulnerability in Ivanti Endpoint Manager

Ivanti has updated a May 2024 security advisory, warning that an “unrestricted file upload vulnerability” has been exploited, impacting several customers.

user icon David Hollingworth
Fri, 04 Oct 2024
Threat actors are actively exploiting a critical vulnerability in Ivanti Endpoint Manager
expand image

US software firm Ivanti has issued a warning over active exploitation of a vulnerability in its Endpoint Manager, which was first revealed in May this year.

“Ivanti has confirmed exploitation of CVE-2024-29824 in the wild,” the update, dated 2 October, now reads.

“At the time of this update, we are aware of a limited number of customers who have been exploited.”

============
============

At the same time, the US Cybersecurity and Critical Infrastructure Agency (CISA) also warned of active exploitation of the bug and recommended that Ivanti customers prioritise remediation in order to protect themselves from the possibility of cyber attacks. CISA also advised all US federal agencies to follow Binding Operational Directive 22-01, which requires them by law to remediate known issues immediately.

“CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation,” CISA said in a 2 October alert.

“These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.”

CVE-2024-29848 is an unrestricted file upload vulnerability in Ivanti Avalanche, a component of Endpoint Manager. The vulnerability could – and now apparently has – lead a malicious actor to run arbitrary commands at a system level.

Remediation details for handling the vulnerability have been available since May.

Ivanti endpoint management products are used by several organisations in Australia, including Deakin University, the University of Southern Queensland, and the law firm Gilbert + Tobin.

David Hollingworth

David Hollingworth

David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.

newsletter
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.