CVE-2024-29824, an unauthenticated SQL Injection vulnerability in Ivanti Endpoint Manager (EPM) appliances, is being exploited by attackers, the Cybersecurity and Infrastructure Security Agency has confirmed by adding the bug to its Known Exploited Vulnerabilities catalog. Ivanti did the same by updating the relevant security advisory to say that they are aware of a limited number of customers who have been exploited. Further details about the attacks are unavailable at this time. About CVE-2024-29824 CVE-2024-29824, reported … More
The post Critical Ivanti Endpoint Manager flaw exploited (CVE-2024-29824) appeared first on Help Net Security.