News

Ivanti warns of serious vulnerability that could allow hackers to take over EPM machines

By admin
Spread the love

Ivanti is warning users of its Endpoint Management service about a serious vulnerability that could allow remote takeover of a machine without authentication. A patch has now been released for the bug.

Ivanti tracks the bug as CVE-2023-39336. It gets a CVSS score of 9.6. The company says in a blog post that it has no indications that customers have been affected by the bug, but does recommend that customers update their software. A patch for the bug was included in Ivanti EPM 2022 Service Update 5.

For a successful attack, an attacker must first have access to an internal network. Once that access is established, the attacker can execute new SQL queries via an undescribed SQL injection. For example, it is possible to filter data from a server.

With those commands it would also be possible to take over devices running Ivanti’s Endpoint Manager software. If the core server had SQL enabled, an attacker could also take over that server. According to Ivanti, it was possible to perform those actions without the need for further user authentication.

It is the second time in a relatively short time that Ivanti has been in the news due to a serious vulnerability. That also happened in July last year. It then emerged that Norwegian government systems had been hacked using a zero-day in Ivanti’s mobile EPM. It was also possible to carry out an attack without authentication.

You might also like
News

Android 14 beta brings support for a desktop mode

News

Good news for TSMC: its 3nm node will take flight in 2024 thanks to the push of these…

News

The most boring technology of the 21st century: Intel has only grown 5% since 2000

News

Google Password Manager can start sharing passwords with partners or children

News

PlayStation 5 beta update improves audio from DualSense controller

News

Rumor: Android 15 puts apps in ‘edge-to-edge’ mode by default