Ivanti EPMM Vulnerability - 20240523002
Overview
A local privilege escalation vulnerability in EPMM before 12.1.0.0 allows an authenticated local user to bypass shell restriction and execute arbitrary commands on the appliance.
What is vulnerable?
CVE | Severity | CVSS | Product(s) Affected | Summary | Dated |
---|---|---|---|---|---|
CVE-2024-22026 | Medium | 6.7 | EPMM before 12.1.0.0 |
Recommendation
The WA SOC recommends that administrators apply the solutions as per vendor instructions to all affected devices within the expected timeframe (refer to Patch Management):
- https://forums.ivanti.com/s/article/Security-Advisory-EPMM-May-2024?language=en_US
- https://help.ivanti.com/mi/help/en_us/core/12.x/rn/CoreConnectorReleaseNotes/IvantiEPMM_rn_12.x.pdf