all InfoSec news
Ivanti Released a Patch in Endpoint Manager Solution (EPM) for a Critical Vulnerability, CVE-2023-39336
Malware Analysis, News and Indicators - Latest topics malware.news
Ivanti has addressed a critical vulnerability in its Endpoint Manager (EPM) solution, identified as CVE-2023-39336, with a critical severity score of 9.6/10. This vulnerability, affecting EPM versions 2021 and 2022 prior to SU5, could enable Remote Code Execution (RCE) on affected servers.
The vulnerability involves an SQL injection that does not require authentication, allowing attackers to execute arbitrary SQL queries and potentially control machines running the EPM agent. The issue is especially severe when the core server uses SQL …
code code execution critical critical vulnerability cve enable endpoint epm ivanti manager patch rce remote code remote code execution score servers severity solution vulnerability