Endpoint Manager

SQL injection in the web console of Ivanti Endpoint Manager before version 2024 SU6 allows a remote authenticated attacker to achieve remote code execution.

Published: 2026-05-12T14:33:45.708Z
Updated: 2026-05-13T03:57:54.231Z

SQL injection in the web console of Ivanti Endpoint Manager before version 2024 SU6 allows a remote authenticated attacker to achieve remote code execution.

Published: 2026-05-12T14:33:45.708Z
Updated: 2026-05-13T03:57:54.231Z

Incorrect permissions assignment in the agent of Ivanti Endpoint Manager before version 2024 SU6 allows a local authenticated attacker to escalate their privileges.

Published: 2026-05-12T14:31:26.135Z
Updated: 2026-05-13T03:57:53.140Z

Incorrect permissions assignment in the agent of Ivanti Endpoint Manager before version 2024 SU6 allows a local authenticated attacker to escalate their privileges.

Published: 2026-05-12T14:31:26.135Z
Updated: 2026-05-13T03:57:53.140Z

An exposed dangerous method on the Core Server of Ivanti Endpoint Manager before version 2024 SU6 allows a remote authenticated attacker to leak access credentials.

Published: 2026-05-12T14:29:10.500Z
Updated: 2026-05-12T18:58:58.165Z

An exposed dangerous method on the Core Server of Ivanti Endpoint Manager before version 2024 SU6 allows a remote authenticated attacker to leak access credentials.

Published: 2026-05-12T14:29:10.500Z
Updated: 2026-05-12T18:58:58.165Z

An authentication bypass in Ivanti Endpoint Manager before version 2024 SU5 allows a remote unauthenticated attacker to leak specific stored credential data.

Published: 2026-02-10T15:09:35.459Z
Updated: 2026-03-10T03:55:23.819Z

An authentication bypass in Ivanti Endpoint Manager before version 2024 SU5 allows a remote unauthenticated attacker to leak specific stored credential data.

Published: 2026-02-10T15:09:35.459Z
Updated: 2026-03-10T03:55:23.819Z

SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database.

Published: 2026-02-10T15:07:27.198Z
Updated: 2026-02-26T15:04:12.393Z

SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database.

Published: 2026-02-10T15:07:27.198Z
Updated: 2026-02-26T15:04:12.393Z

Insufficient filename validation in Ivanti Endpoint Manager before 2024 SU3 SR1 and 2022 SU8 SR2 allows a remote unauthenticated attacker to achieve remote code execution. User interaction is required.

Published: 2025-09-09T15:11:13.957Z
Updated: 2026-02-26T17:49:04.223Z

Path traversal in Ivanti Endpoint Manager before version 2024 SU4 allows a remote unauthenticated attacker to achieve remote code execution. User interaction is required.

Published: 2025-10-13T21:08:13.112Z
Updated: 2026-02-26T17:47:44.122Z

Path traversal in Ivanti Endpoint Manager before version 2024 SU4 allows a remote unauthenticated attacker to achieve remote code execution. User interaction is required.

Published: 2025-10-13T21:08:13.112Z
Updated: 2026-02-26T17:47:44.122Z

Insufficient filename validation in Ivanti Endpoint Manager before 2024 SU3 SR1 and 2022 SU8 SR2 allows a remote unauthenticated attacker to achieve remote code execution. User interaction is required.

Published: 2025-09-09T15:09:05.375Z
Updated: 2026-02-26T17:49:04.952Z

Insufficient filename validation in Ivanti Endpoint Manager before 2024 SU3 SR1 and 2022 SU8 SR2 allows a remote unauthenticated attacker to achieve remote code execution. User interaction is required.

Published: 2025-09-09T15:09:05.375Z
Updated: 2026-02-26T17:49:04.952Z

SQL injection in Ivanti Endpoint Manager before version 2024 SU3 and 2022 SU8 Security Update 1 allows a remote authenticated attacker with admin privileges to read arbitrary data from the database

Published: 2025-07-08T14:54:42.789Z
Updated: 2025-07-08T15:07:12.721Z

SQL injection in Ivanti Endpoint Manager before version 2024 SU3 and 2022 SU8 Security Update 1 allows a remote authenticated attacker with admin privileges to read arbitrary data from the database

Published: 2025-07-08T14:54:42.789Z
Updated: 2025-07-08T15:07:12.721Z

Improper use of encryption in the agent of Ivanti Endpoint Manager before version 2024 SU3 and 2022 SU8 Security Update 1 allows a local authenticated attacker to decrypt other users’ passwords.

Published: 2025-07-08T14:51:04.446Z
Updated: 2025-07-08T15:14:08.808Z

Improper use of encryption in the agent of Ivanti Endpoint Manager before version 2024 SU3 and 2022 SU8 Security Update 1 allows a local authenticated attacker to decrypt other users’ passwords.

Published: 2025-07-08T14:51:04.446Z
Updated: 2025-07-08T15:14:08.808Z

Improper use of encryption in the agent of Ivanti Endpoint Manager before version 2024 SU3 and 2022 SU8 Security Update 1 allows a local authenticated attacker to decrypt other users’ passwords.

Published: 2025-07-08T14:45:44.989Z
Updated: 2025-07-08T15:54:49.209Z

Improper use of encryption in the agent of Ivanti Endpoint Manager before version 2024 SU3 and 2022 SU8 Security Update 1 allows a local authenticated attacker to decrypt other users’ passwords.

Published: 2025-07-08T14:45:44.989Z
Updated: 2025-07-08T15:54:49.209Z

SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database.

Published: 2025-10-13T21:10:15.318Z
Updated: 2026-02-10T17:03:59.025Z

SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database.

Published: 2025-10-13T21:10:15.318Z
Updated: 2026-02-10T17:03:59.025Z

SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database.

Published: 2025-10-13T21:12:22.188Z
Updated: 2026-02-10T17:07:35.039Z

SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database.

Published: 2025-10-13T21:12:22.188Z
Updated: 2026-02-10T17:07:35.039Z

SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database.

Published: 2025-10-13T21:10:53.982Z
Updated: 2026-02-10T17:03:03.801Z

SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database.

Published: 2025-10-13T21:10:53.982Z
Updated: 2026-02-10T17:03:03.801Z

SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database.

Published: 2025-10-13T21:11:18.043Z
Updated: 2026-02-10T17:04:40.319Z

SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database.

Published: 2025-10-13T21:11:18.043Z
Updated: 2026-02-10T17:04:40.319Z

SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database.

Published: 2025-10-13T21:11:34.823Z
Updated: 2026-02-10T17:05:16.161Z

SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database.

Published: 2025-10-13T21:11:34.823Z
Updated: 2026-02-10T17:05:16.161Z

SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database.

Published: 2025-10-13T21:11:52.712Z
Updated: 2026-02-10T17:06:13.734Z

SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database.

Published: 2025-10-13T21:11:52.712Z
Updated: 2026-02-10T17:06:13.734Z

SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database.

Published: 2025-10-13T21:12:52.222Z
Updated: 2026-02-10T17:08:56.495Z

SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database.

Published: 2025-10-13T21:12:52.222Z
Updated: 2026-02-10T17:08:56.495Z

SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database.

Published: 2025-10-13T21:12:08.724Z
Updated: 2026-02-10T17:06:52.469Z

SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database.

Published: 2025-10-13T21:12:08.724Z
Updated: 2026-02-10T17:06:52.469Z

SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database.

Published: 2025-10-13T21:13:05.017Z
Updated: 2026-02-10T17:09:32.081Z

SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database.

Published: 2025-10-13T21:13:05.017Z
Updated: 2026-02-10T17:09:32.081Z

SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database.

Published: 2025-10-13T21:12:38.655Z
Updated: 2026-02-10T17:08:17.427Z

SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database.

Published: 2025-10-13T21:12:38.655Z
Updated: 2026-02-10T17:08:17.427Z

Reflected XSS in Ivanti Endpoint Manager before version 2024 SU1 or before version 2022 SU7 allows a remote unauthenticated attacker to obtain admin privileges. User interaction is required.

Published: 2025-04-08T14:27:55.834Z
Updated: 2025-04-08T14:46:25.244Z

Reflected XSS in Ivanti Endpoint Manager before version 2024 SU1 or before version 2022 SU7 allows a remote unauthenticated attacker to obtain admin privileges. User interaction is required.

Published: 2025-04-08T14:27:55.834Z
Updated: 2025-04-08T14:46:25.244Z

Reflected XSS in Ivanti Endpoint Manager before version 2024 SU1 or before version 2022 SU7 allows a remote unauthenticated attacker to execute arbitrary javascript in a victim's browser. Unlikely user interaction is required.

Published: 2025-04-08T14:27:27.199Z
Updated: 2025-04-08T14:52:54.418Z

Reflected XSS in Ivanti Endpoint Manager before version 2024 SU1 or before version 2022 SU7 allows a remote unauthenticated attacker to execute arbitrary javascript in a victim's browser. Unlikely user interaction is required.

Published: 2025-04-08T14:27:27.199Z
Updated: 2025-04-08T14:52:54.418Z

An untrusted pointer dereference vulnerability in Ivanti Endpoint Manager before version 2024 SU1 or before version 2022 SU7 allows an attacker with local access to write arbitrary data into memory causing a denial-of-service condition.

Published: 2025-04-08T14:27:03.158Z
Updated: 2025-04-08T15:04:45.498Z

An untrusted pointer dereference vulnerability in Ivanti Endpoint Manager before version 2024 SU1 or before version 2022 SU7 allows an attacker with local access to write arbitrary data into memory causing a denial-of-service condition.

Published: 2025-04-08T14:27:03.158Z
Updated: 2025-04-08T15:04:45.498Z

SQL injection in Ivanti Endpoint Manager before version 2024 SU1 or before version 2022 SU7 allows a remote authenticated attacker with admin privileges to achieve code execution.

Published: 2025-04-08T14:26:23.423Z
Updated: 2026-02-26T18:28:39.350Z

SQL injection in Ivanti Endpoint Manager before version 2024 SU1 or before version 2022 SU7 allows a remote authenticated attacker with admin privileges to achieve code execution.

Published: 2025-04-08T14:26:23.423Z
Updated: 2026-02-26T18:28:39.350Z

Improper certificate validation in Ivanti Endpoint Manager before version 2024 SU1 or before version 2022 SU7 allows a remote unauthenticated attacker to intercept limited traffic between clients and servers.

Published: 2025-04-08T14:25:57.827Z
Updated: 2025-04-08T15:37:26.132Z

Improper certificate validation in Ivanti Endpoint Manager before version 2024 SU1 or before version 2022 SU7 allows a remote unauthenticated attacker to intercept limited traffic between clients and servers.

Published: 2025-04-08T14:25:57.827Z
Updated: 2025-04-08T15:37:26.132Z

DLL hijacking in Ivanti Endpoint Manager before version 2024 SU1 or before version 2022 SU7 allows an authenticated attacker to escalate to System.

Published: 2025-04-08T14:25:42.603Z
Updated: 2026-02-26T18:28:39.769Z

DLL hijacking in Ivanti Endpoint Manager before version 2024 SU1 or before version 2022 SU7 allows an authenticated attacker to escalate to System.

Published: 2025-04-08T14:25:42.603Z
Updated: 2026-02-26T18:28:39.769Z

Improper verification of cryptographic signatures in the patch management component of Ivanti Endpoint Manager prior to version 2024 SU4 SR1 allows a remote unauthenticated attacker to execute arbitrary code. User Interaction is required.

Published: 2025-12-09T16:05:31.059Z
Updated: 2026-02-26T16:57:03.979Z

Improper verification of cryptographic signatures in the patch management component of Ivanti Endpoint Manager prior to version 2024 SU4 SR1 allows a remote unauthenticated attacker to execute arbitrary code. User Interaction is required.

Published: 2025-12-09T16:05:31.059Z
Updated: 2026-02-26T16:57:03.979Z

Path traversal in Ivanti Endpoint Manager prior to version 2024 SU4 SR1 allows a remote authenticated attacker to write arbitrary files outside of the intended directory. User interaction is required.

Published: 2025-12-09T16:01:18.193Z
Updated: 2026-02-26T16:57:04.977Z

Path traversal in Ivanti Endpoint Manager prior to version 2024 SU4 SR1 allows a remote authenticated attacker to write arbitrary files outside of the intended directory. User interaction is required.

Published: 2025-12-09T16:01:18.193Z
Updated: 2026-02-26T16:57:04.977Z

Improper control of dynamically managed code resources in Ivanti Endpoint Manager prior to version 2024 SU4 SR1 allows a remote, unauthenticated attacker to write arbitrary files on the server, potentially leading to remote code execution. User interaction is required.

Published: 2025-12-09T15:59:18.340Z
Updated: 2026-02-26T16:57:05.566Z

Improper control of dynamically managed code resources in Ivanti Endpoint Manager prior to version 2024 SU4 SR1 allows a remote, unauthenticated attacker to write arbitrary files on the server, potentially leading to remote code execution. User interaction is required.

Published: 2025-12-09T15:59:18.340Z
Updated: 2026-02-26T16:57:05.566Z

SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database.

Published: 2025-10-13T21:09:07.731Z
Updated: 2026-02-10T17:03:35.043Z

SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database.

Published: 2025-10-13T21:09:07.731Z
Updated: 2026-02-10T17:03:35.043Z

Insecure deserialization in Ivanti Endpoint Manager before version 2024 SU4 allows a local authenticated attacker to escalate their privileges.

Published: 2025-10-13T21:07:50.065Z
Updated: 2026-02-26T17:47:44.396Z

Insecure deserialization in Ivanti Endpoint Manager before version 2024 SU4 allows a local authenticated attacker to escalate their privileges.

Published: 2025-10-13T21:07:50.065Z
Updated: 2026-02-26T17:47:44.396Z

Insecure default permissions in the agent of Ivanti Endpoint Manager before version 2024 SU4 allows a local authenticated attacker to write arbitrary files anywhere on disk

Published: 2025-11-11T15:31:54.062Z
Updated: 2025-11-12T20:02:59.040Z

Insecure default permissions in the agent of Ivanti Endpoint Manager before version 2024 SU4 allows a local authenticated attacker to write arbitrary files anywhere on disk

Published: 2025-11-11T15:31:54.062Z
Updated: 2025-11-12T20:02:59.040Z

Stored XSS in Ivanti Endpoint Manager prior to version 2024 SU4 SR1 allows a remote unauthenticated attacker to execute arbitrary JavaScript in the context of an administrator session. User interaction is required.

Published: 2025-12-09T15:55:23.422Z
Updated: 2026-02-26T16:57:06.042Z

Stored XSS in Ivanti Endpoint Manager prior to version 2024 SU4 SR1 allows a remote unauthenticated attacker to execute arbitrary JavaScript in the context of an administrator session. User interaction is required.

Published: 2025-12-09T15:55:23.422Z
Updated: 2026-02-26T16:57:06.042Z

An uncontrolled search path in the agent of Ivanti EPM before 2022 SU6, or the 2024 September update allows a local authenticated attacker with admin privileges to escalate their privileges to SYSTEM.

Published: 2024-09-10T21:01:09.475Z
Updated: 2024-09-12T03:55:23.682Z

An uncontrolled search path in the agent of Ivanti EPM before 2022 SU6, or the 2024 September update allows a local authenticated attacker with admin privileges to escalate their privileges to SYSTEM.

Published: 2024-09-10T21:01:09.475Z
Updated: 2024-09-12T03:55:23.682Z

Weak authentication in Patch Management of Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker to access restricted functionality.

Published: 2024-09-10T20:59:40.339Z
Updated: 2024-09-11T13:50:36.958Z

Weak authentication in Patch Management of Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker to access restricted functionality.

Published: 2024-09-10T20:59:40.339Z
Updated: 2024-09-11T13:50:36.958Z

Missing authentication in Network Isolation of Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote unauthenticated attacker to isolate managed devices from the network.

Published: 2024-09-10T20:54:02.772Z
Updated: 2024-09-11T15:20:28.646Z

Missing authentication in Network Isolation of Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote unauthenticated attacker to isolate managed devices from the network.

Published: 2024-09-10T20:54:02.772Z
Updated: 2024-09-11T15:20:28.646Z

Missing authentication in Network Isolation of Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote unauthenticated attacker to spoof Network Isolation status of managed devices.

Published: 2024-09-10T20:52:31.146Z
Updated: 2024-09-11T15:19:03.245Z

Missing authentication in Network Isolation of Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote unauthenticated attacker to spoof Network Isolation status of managed devices.

Published: 2024-09-10T20:52:31.146Z
Updated: 2024-09-11T15:19:03.245Z

SQL injection in the management console of Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote unauthenticated attacker to achieve remote code execution.

Published: 2024-09-10T20:50:24.547Z
Updated: 2024-09-12T03:55:08.946Z

SQL injection in the management console of Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote unauthenticated attacker to achieve remote code execution.

Published: 2024-09-10T20:50:24.547Z
Updated: 2024-09-12T03:55:08.946Z

SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote unauthenticated attacker to achieve remote code execution.

Published: 2024-11-12T15:42:20.786Z
Updated: 2024-11-19T04:56:10.026Z

SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote unauthenticated attacker to achieve remote code execution.

Published: 2024-11-12T15:42:20.786Z
Updated: 2024-11-19T04:56:10.026Z

Path traversal in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote unauthenticated attacker to achieve remote code execution. User interaction is required.

Published: 2024-11-12T15:41:54.415Z
Updated: 2024-11-19T04:56:08.860Z

Path traversal in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote unauthenticated attacker to achieve remote code execution. User interaction is required.

Published: 2024-11-12T15:41:54.415Z
Updated: 2024-11-19T04:56:08.860Z

SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote authenticated attacker with admin privileges to achieve remote code execution.

Published: 2024-11-12T15:41:17.871Z
Updated: 2024-11-19T04:55:58.542Z

SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote authenticated attacker with admin privileges to achieve remote code execution.

Published: 2024-11-12T15:41:17.871Z
Updated: 2024-11-19T04:55:58.542Z

SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote authenticated attacker with admin privileges to achieve remote code execution.

Published: 2024-11-12T15:40:38.609Z
Updated: 2024-11-19T04:55:54.842Z

SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote authenticated attacker with admin privileges to achieve remote code execution.

Published: 2024-11-12T15:40:38.609Z
Updated: 2024-11-19T04:55:54.842Z

SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote authenticated attacker with admin privileges to achieve remote code execution.

Published: 2024-11-12T15:40:06.902Z
Updated: 2024-11-19T04:56:00.999Z

SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote authenticated attacker with admin privileges to achieve remote code execution.

Published: 2024-11-12T15:40:06.902Z
Updated: 2024-11-19T04:56:00.999Z

Path traversal in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote authenticated attacker with admin privileges to achieve remote code execution.

Published: 2024-11-12T15:37:52.162Z
Updated: 2024-11-19T04:56:07.498Z

Path traversal in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote authenticated attacker with admin privileges to achieve remote code execution.

Published: 2024-11-12T15:37:52.162Z
Updated: 2024-11-19T04:56:07.498Z

SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a local unauthenticated attacker to achieve code execution. User interaction is required.

Published: 2024-11-12T15:37:08.015Z
Updated: 2024-11-19T04:56:06.281Z

SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a local unauthenticated attacker to achieve code execution. User interaction is required.

Published: 2024-11-12T15:37:08.015Z
Updated: 2024-11-19T04:56:06.281Z

Path traversal in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a local unauthenticated attacker to achieve code execution. User interaction is required.

Published: 2024-11-12T15:36:09.760Z
Updated: 2024-11-19T04:55:49.893Z

Path traversal in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a local unauthenticated attacker to achieve code execution. User interaction is required.

Published: 2024-11-12T15:36:09.760Z
Updated: 2024-11-19T04:55:49.893Z

An External XML Entity (XXE) vulnerability in the provisioning web service of Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote unauthenticated attacker to leak API secrets.

Published: 2024-09-12T01:09:56.254Z
Updated: 2024-09-13T15:48:43.529Z

SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote authenticated attacker with admin privileges to achieve remote code execution.

Published: 2024-11-13T01:54:45.383Z
Updated: 2024-11-19T04:55:56.052Z

Path traversal in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a local unauthenticated attacker to achieve code execution. User interaction is required.

Published: 2024-11-13T01:54:45.416Z
Updated: 2024-11-19T04:55:48.661Z

An unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker with admin privileges to achieve remote code execution.

Published: 2024-09-12T01:09:56.248Z
Updated: 2024-09-12T21:16:44.057Z

An unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker with admin privileges to achieve remote code execution.

Published: 2024-09-12T01:09:56.248Z
Updated: 2024-09-12T21:16:44.057Z

SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote authenticated attacker with admin privileges to achieve remote code execution.

Published: 2024-11-13T01:54:45.555Z
Updated: 2024-11-19T04:56:05.016Z

An unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker with admin privileges to achieve remote code execution.

Published: 2024-09-12T01:09:56.337Z
Updated: 2024-09-12T21:19:26.664Z

An unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker with admin privileges to achieve remote code execution.

Published: 2024-09-12T01:09:56.337Z
Updated: 2024-09-12T21:19:26.664Z

SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote authenticated attacker with admin privileges to achieve remote code execution.

Published: 2024-11-13T01:54:45.386Z
Updated: 2024-11-19T04:55:59.747Z

SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote authenticated attacker with admin privileges to achieve remote code execution.

Published: 2024-11-13T01:54:45.516Z
Updated: 2024-11-19T04:55:57.271Z

SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote authenticated attacker with admin privileges to achieve remote code execution.

Published: 2024-11-13T01:54:45.552Z
Updated: 2024-11-19T04:55:52.429Z

An unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker with admin privileges to achieve remote code execution.

Published: 2024-09-12T01:09:56.258Z
Updated: 2024-09-12T21:18:18.550Z

An unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker with admin privileges to achieve remote code execution.

Published: 2024-09-12T01:09:56.258Z
Updated: 2024-09-12T21:18:18.550Z

An unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker with admin privileges to achieve remote code execution.

Published: 2024-09-12T01:09:56.249Z
Updated: 2024-09-12T21:18:06.645Z

An unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker with admin privileges to achieve remote code execution.

Published: 2024-09-12T01:09:56.249Z
Updated: 2024-09-12T21:18:06.645Z

SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote authenticated attacker with admin privileges to achieve remote code execution.

Published: 2024-11-13T01:54:45.408Z
Updated: 2024-11-19T04:56:03.781Z

An unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker with admin privileges to achieve remote code execution.

Published: 2024-09-12T01:09:56.175Z
Updated: 2024-09-12T21:15:08.269Z

An unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker with admin privileges to achieve remote code execution.

Published: 2024-09-12T01:09:56.175Z
Updated: 2024-09-12T21:15:08.269Z

An unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker with admin privileges to achieve remote code execution.

Published: 2024-09-12T01:09:56.175Z
Updated: 2024-09-12T21:14:44.010Z

An unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker with admin privileges to achieve remote code execution.

Published: 2024-09-12T01:09:56.175Z
Updated: 2024-09-12T21:14:44.010Z

SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote authenticated attacker with admin privileges to achieve remote code execution.

Published: 2024-11-13T01:54:45.443Z
Updated: 2024-11-19T04:56:02.536Z

An unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker with admin privileges to achieve remote code execution.

Published: 2024-09-12T01:09:56.230Z
Updated: 2024-09-12T21:16:22.723Z

An unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker with admin privileges to achieve remote code execution.

Published: 2024-09-12T01:09:56.230Z
Updated: 2024-09-12T21:16:22.723Z

An unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker with admin privileges to achieve remote code execution.

Published: 2024-09-12T01:09:56.173Z
Updated: 2024-09-12T21:13:06.489Z

An unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker with admin privileges to achieve remote code execution.

Published: 2024-09-12T01:09:56.173Z
Updated: 2024-09-12T21:13:06.489Z

SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote authenticated attacker with admin privileges to achieve remote code execution.

Published: 2024-11-13T01:54:45.386Z
Updated: 2024-11-19T04:55:51.227Z

An unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker with admin privileges to achieve remote code execution.

Published: 2024-09-12T01:09:56.338Z
Updated: 2024-09-12T21:20:02.605Z

An unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker with admin privileges to achieve remote code execution.

Published: 2024-09-12T01:09:56.338Z
Updated: 2024-09-12T21:20:02.605Z

SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote authenticated attacker with admin privileges to achieve remote code execution.

Published: 2024-11-13T01:54:45.475Z
Updated: 2024-11-19T04:55:53.626Z

Deserialization of untrusted data in the agent portal of Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote unauthenticated attacker to achieve remote code execution.

Published: 2024-09-12T01:09:56.277Z
Updated: 2024-09-17T03:55:12.223Z

Deserialization of untrusted data in the agent portal of Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote unauthenticated attacker to achieve remote code execution.

Published: 2024-09-12T01:09:56.277Z
Updated: 2024-09-17T03:55:12.223Z

An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an authenticated attacker within the same network to execute arbitrary code.

Published: 2024-05-31T17:38:31.371Z
Updated: 2024-08-02T01:17:58.190Z

An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an authenticated attacker within the same network to execute arbitrary code.

Published: 2024-05-31T17:38:31.352Z
Updated: 2024-08-02T01:17:57.943Z

An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an authenticated attacker within the same network to execute arbitrary code.

Published: 2024-05-31T17:38:31.379Z
Updated: 2024-08-02T01:17:58.030Z

An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an authenticated attacker within the same network to execute arbitrary code.

Published: 2024-05-31T17:38:31.394Z
Updated: 2024-08-02T01:17:57.504Z

An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary code.

Published: 2024-05-31T17:38:31.405Z
Updated: 2024-08-02T01:17:57.542Z

An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary code.

Published: 2024-05-31T17:38:31.399Z
Updated: 2024-08-02T01:17:58.045Z

An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary code.

Published: 2024-05-31T17:38:31.330Z
Updated: 2024-08-02T01:17:57.543Z

An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary code.

Published: 2024-05-31T17:38:31.331Z
Updated: 2025-10-21T23:05:16.909Z

An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary code.

Published: 2024-05-31T17:38:31.409Z
Updated: 2024-08-02T01:17:57.385Z

An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary code.

Published: 2024-05-31T17:38:31.401Z
Updated: 2024-08-02T01:17:58.027Z

A buffer overflow allows a low privilege user on the local machine that has the EPM Agent installed to execute arbitrary code with elevated permissions in Ivanti EPM 2021.1 and older.

Published: 2024-05-31T17:38:31.334Z
Updated: 2025-03-17T15:41:54.663Z

Improper signature verification in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to achieve remote code execution. Local user interaction is required.

Published: 2025-01-14T17:16:17.218Z
Updated: 2026-02-26T19:09:29.342Z

Insufficient filename validation in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to achieve remote code execution. Local user interaction is required.

Published: 2025-01-14T17:16:48.419Z
Updated: 2026-02-26T19:09:29.018Z

Insufficient filename validation in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to achieve remote code execution. Local user interaction is required.

Published: 2025-01-14T17:16:48.419Z
Updated: 2026-02-26T19:09:29.018Z

An out-of-bounds write in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to cause a denial of service.

Published: 2025-01-14T17:17:50.470Z
Updated: 2025-01-16T21:17:15.067Z

An out-of-bounds write in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to cause a denial of service.

Published: 2025-01-14T17:17:50.470Z
Updated: 2025-01-16T21:17:15.067Z

An out-of-bounds read in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a local authenticated attacker to escalate their privileges.

Published: 2025-01-14T17:18:28.069Z
Updated: 2026-02-26T19:09:28.733Z

An out-of-bounds read in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a local authenticated attacker to escalate their privileges.

Published: 2025-01-14T17:18:28.069Z
Updated: 2026-02-26T19:09:28.733Z

An out-of-bounds write in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to cause a denial of service.

Published: 2025-01-14T17:19:00.787Z
Updated: 2025-01-16T21:18:56.082Z

An out-of-bounds write in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to cause a denial of service.

Published: 2025-01-14T17:19:00.787Z
Updated: 2025-01-16T21:18:56.082Z

An out-of-bounds write in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to cause a denial of service.

Published: 2025-01-14T17:19:43.062Z
Updated: 2025-01-16T21:19:20.404Z

An out-of-bounds write in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to cause a denial of service.

Published: 2025-01-14T17:19:43.062Z
Updated: 2025-01-16T21:19:20.404Z

An out-of-bounds write in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to cause a denial of service.

Published: 2025-01-14T17:20:19.876Z
Updated: 2025-01-15T15:20:00.615Z

An out-of-bounds write in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to cause a denial of service.

Published: 2025-01-14T17:20:19.876Z
Updated: 2025-01-15T15:20:00.615Z

An out-of-bounds write in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to cause a denial of service.

Published: 2025-01-14T17:22:15.933Z
Updated: 2025-01-15T15:19:52.577Z

An out-of-bounds write in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to cause a denial of service.

Published: 2025-01-14T17:22:15.933Z
Updated: 2025-01-15T15:19:52.577Z

An uninitialized resource in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a local authenticated attacker to escalate their privileges.

Published: 2025-01-14T17:22:49.382Z
Updated: 2026-02-26T19:09:28.454Z

An uninitialized resource in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a local authenticated attacker to escalate their privileges.

Published: 2025-01-14T17:22:49.382Z
Updated: 2026-02-26T19:09:28.454Z

Deserialization of untrusted data in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to achieve remote code execution. Local user interaction is required.

Published: 2025-01-14T17:23:13.781Z
Updated: 2026-02-26T19:09:28.096Z

Deserialization of untrusted data in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to achieve remote code execution. Local user interaction is required.

Published: 2025-01-14T17:23:13.781Z
Updated: 2026-02-26T19:09:28.096Z

SQL injection in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote authenticated attacker with admin privileges to achieve remote code execution. This CVE addresses incomplete fixes from CVE-2024-32848.

Published: 2025-01-14T17:23:48.256Z
Updated: 2026-02-26T19:09:27.921Z

SQL injection in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote authenticated attacker with admin privileges to achieve remote code execution. This CVE addresses incomplete fixes from CVE-2024-32848.

Published: 2025-01-14T17:23:48.256Z
Updated: 2026-02-26T19:09:27.921Z

Absolute path traversal in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to leak sensitive information.

Published: 2025-01-14T17:11:32.061Z
Updated: 2025-10-21T22:55:32.564Z

Absolute path traversal in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to leak sensitive information.

Published: 2025-01-14T17:12:23.237Z
Updated: 2025-10-21T22:55:32.382Z

Absolute path traversal in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to leak sensitive information.

Published: 2025-01-14T17:12:57.652Z
Updated: 2025-10-21T22:55:32.248Z

An unbounded resource search path in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote authenticated attacker with admin privileges to achieve remote code execution.

Published: 2025-01-14T17:13:29.275Z
Updated: 2026-02-26T19:09:29.804Z

An unbounded resource search path in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote authenticated attacker with admin privileges to achieve remote code execution.

Published: 2025-01-14T17:13:29.275Z
Updated: 2026-02-26T19:09:29.804Z

Absolute path traversal in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to leak sensitive information.

Published: 2025-01-14T16:59:32.982Z
Updated: 2026-02-26T19:09:29.972Z

Insufficient permissions in Ivanti Patch SDK before version 9.7.703 allows a local authenticated attacker to delete arbitrary files.

Published: 2024-12-10T18:46:01.911Z
Updated: 2024-12-10T20:44:59.599Z

An unspecified SQL Injection vulnerability in Ivanti Endpoint Manager released prior to 2022 SU 5 allows an attacker with access to the internal network to execute arbitrary SQL queries and retrieve output without the need for authentication. Under specific circumstances, this may also lead to RCE on the core server.

Published: 2024-01-09T01:33:05.875Z
Updated: 2025-06-03T14:33:22.988Z

An unspecified SQL Injection vulnerability in Ivanti Endpoint Manager released prior to 2022 SU 5 allows an attacker with access to the internal network to execute arbitrary SQL queries and retrieve output without the need for authentication. Under specific circumstances, this may also lead to RCE on the core server.

Published: 2024-01-09T01:33:05.875Z
Updated: 2025-06-03T14:33:22.988Z

An issue was discovered in Ivanti Endpoint Manager before 2022 SU4. A file disclosure vulnerability exists in the GetFileContents SOAP action exposed via /landesk/managementsuite/core/core.secure/OsdScript.asmx. The application does not sufficiently restrict user-supplied paths, allowing for an authenticated attacker to read arbitrary files from a remote system, including the private key used to authenticate to agents for remote access.

Published: 2023-09-21T00:00:00.000Z
Updated: 2024-09-24T16:55:31.523Z

An XXE (XML external entity injection) vulnerability exists in the CSEP component of Ivanti Endpoint Manager before 2022 SU4. External entity references are enabled in the XML parser configuration. Exploitation of this vulnerability can lead to file disclosure or Server Side Request Forgery.

Published: 2023-09-21T00:00:00.000Z
Updated: 2024-09-24T16:59:33.767Z

Unsafe Deserialization of User Input could lead to Execution of Unauthorized Operations in Ivanti Endpoint Manager 2022 su3 and all previous versions, which could allow an attacker to execute commands remotely.

Published: 2023-10-18T03:52:06.581Z
Updated: 2024-09-13T15:00:03.906Z

Unsafe Deserialization of User Input could lead to Execution of Unauthorized Operations in Ivanti Endpoint Manager 2022 su3 and all previous versions, which could allow an attacker to execute commands remotely.

Published: 2023-10-18T03:52:06.581Z
Updated: 2024-09-13T15:00:03.906Z

Allows an authenticated attacker with network access to read arbitrary files on Endpoint Manager recently discovered on 2022 SU3 and all previous versions potentially leading to the leakage of sensitive information.

Published: 2023-10-18T03:52:12.988Z
Updated: 2024-09-13T14:55:27.624Z

Allows an authenticated attacker with network access to read arbitrary files on Endpoint Manager recently discovered on 2022 SU3 and all previous versions potentially leading to the leakage of sensitive information.

Published: 2023-10-18T03:52:12.988Z
Updated: 2024-09-13T14:55:27.624Z

An out-of-bounds write vulnerability on windows operating systems causes the Ivanti AntiVirus Product to crash. Update to Ivanti AV Product version 7.9.1.285 or above.

Published: 2023-07-21T20:51:29.385Z
Updated: 2024-10-24T15:55:30.239Z

A improper input validation vulnerability exists in Ivanti Endpoint Manager 2022 and below that could allow privilege escalation or remote code execution.

Published: 2023-06-30T23:40:19.571Z
Updated: 2024-09-25T13:11:44.228Z

A deserialization of untrusted data exists in EPM 2022 Su3 and all prior versions that allows an unauthenticated user to elevate rights. This exploit could potentially be used in conjunction with other OS (Operating System) vulnerabilities to escalate privileges on the machine or be used as a stepping stone to get to other network attached machines.

Published: 2023-06-30T23:40:30.788Z
Updated: 2025-05-05T16:02:45.196Z

XML Injection with Endpoint Manager 2022. 3 and below causing a download of a malicious file to run and possibly execute to gain unauthorized privileges.

Published: 2022-12-05T00:00:00.000Z
Updated: 2025-04-24T13:20:21.012Z

The “LANDesk(R) Management Agent” service exposes a socket and once connected, it is possible to launch commands only for signed executables. This is a security bug that allows a limited user to get escalated admin privileges on their system.

Published: 2022-09-23T13:37:51.000Z
Updated: 2025-05-22T20:31:59.503Z

A privilege escalation vulnerability is identified in Ivanti EPM (LANDesk Management Suite) that allows a user to execute commands with elevated privileges.

Published: 2022-12-05T00:00:00.000Z
Updated: 2025-04-24T13:25:51.848Z

Ivanti Endpoint Manager through 2020.1.1 allows XSS via /LDMS/frm_splitfrm.aspx, /LDMS/licensecheck.aspx, /LDMS/frm_splitcollapse.aspx, /LDMS/alert_log.aspx, /LDMS/ServerList.aspx, /LDMS/frm_coremainfrm.aspx, /LDMS/frm_findfrm.aspx, /LDMS/frm_taskfrm.aspx, and /LDMS/query_browsecomp.aspx.

Published: 2020-11-16T15:30:14.000Z
Updated: 2024-08-04T12:25:16.530Z

In /ldclient/ldprov.cgi in Ivanti Endpoint Manager through 2020.1.1, an attacker is able to disclose information about the server operating system, local pathnames, and environment variables with no authentication required.

Published: 2020-11-16T15:24:46.000Z
Updated: 2024-08-04T12:25:16.481Z

Various components in Ivanti Endpoint Manager through 2020.1.1 rely on Windows search order when loading a (nonexistent) library file, allowing (under certain conditions) one to gain code execution (and elevation of privileges to the level of privilege held by the vulnerable component such as NT AUTHORITY\SYSTEM) via DLL hijacking. This affects ldiscn32.exe, IpmiRedirectionService.exe, LDAPWhoAmI.exe, and ldprofile.exe.

Published: 2020-11-12T17:13:04.000Z
Updated: 2024-08-04T12:25:16.676Z

Several services are accessing named pipes in Ivanti Endpoint Manager through 2020.1.1 with default or overly permissive security attributes; as these services run as user ‘NT AUTHORITY\SYSTEM’, the issue can be used to escalate privileges from a local standard or service account having SeImpersonatePrivilege (eg. user ‘NT AUTHORITY\NETWORK SERVICE’).

Published: 2020-11-12T17:38:03.000Z
Updated: 2024-08-04T12:25:16.560Z

LDMS/alert_log.aspx in Ivanti Endpoint Manager through 2020.1 allows SQL Injection via a /remotecontrolauth/api/device request.

Published: 2020-11-16T15:28:05.000Z
Updated: 2024-08-04T12:25:16.504Z