Ivanti Endpoint Manager Code Injection Vulnerability - 20240326001¶
Overview¶
A code injection vulnerability in the Ivanti EPM Cloud Services Appliance (CSA) allows an unauthenticated user to execute arbitrary code with limited permissions. Successful exploitation results in command execution as the nobody user.
What is vulnerable?¶
CVE | Severity | CVSS | Product(s) Affected |
---|---|---|---|
CVE-2021-44529 | Critical | 9.8 | CSA Upto (Including 4.5), CSA 4.6 |
What has been observed?¶
There is no evidence of exploitation affecting Western Australian Government networks at the time of publishing.
Recommendation¶
The WA SOC recommends administrators apply the solutions as per vendor instructions or discontinue use of the product if mitigations are unavailable. (refer Patch Management):