September 11, 2024 at 03:45AM
Ivanti has released software updates addressing multiple critical vulnerabilities in their Endpoint Manager (EPM), with potential for remote code execution. Flaws affect EPM versions 2024 and 2022 SU5 and earlier, now resolved in versions 2024 SU1 and 2022 SU6. Additionally, high-severity issues in Ivanti Workspace Control and Cloud Service Appliance have been addressed. Zyxel also shipped fixes for a critical command injection vulnerability in its NAS devices.
From the meeting notes provided, it is clear that there are critical security vulnerabilities in Ivanti Enterprise Security. This includes 10 critical vulnerabilities impacting Endpoint Manager (EPM), with the potential for remote code execution. It is crucial for users to update to the latest versions of EPM (2024 SU1 and 2022 SU6 respectively) to safeguard against these potential threats, as well as to address seven high-severity shortcomings in Ivanti Workspace Control and Ivanti Cloud Service Appliance.
Moreover, it is noted that Ivanti has enhanced its internal scanning, manual exploitation, and testing capabilities, along with improvements to its responsible disclosure process to swiftly discover and address potential issues. The update comes in the wake of in-the-wild exploitation of zero-days in Ivanti appliances, including by China-based cyber espionage groups.
In addition to Ivanti, Zyxel has also fixed a critical operating system command injection vulnerability in its network-attached storage (NAS) devices. The vulnerability affects NAS326 and NAS542 devices and could allow an unauthenticated attacker to execute operating system commands. Users are advised to update to the fixed versions for their respective devices.
In conclusion, it’s crucial for users and organizations to stay updated on these security developments and ensure that their systems are patched with the latest fixes to mitigate potential risks.