July 18, 2024 at 07:45AM Ivanti released patches for high-severity vulnerabilities in Endpoint Manager and Endpoint Manager for Mobile, including hotfix for an SQL injection flaw. Also, patches for four vulnerabilities impacting all versions of Endpoint Manager for Mobile were released. Additionally, patches for a medium-severity path traversal-affiliated vulnerability in Ivanti Docs@Work for Android were … Read more
May 22, 2024 at 07:42AM IT software company Ivanti released patches for several products, including critical vulnerabilities in Endpoint Manager (EPM). The fixes addressed SQL injection bugs and unrestricted file upload issues. Ivanti urged customers to update to the latest versions to apply the fixes. The company also reaffirmed its commitment to enhancing security practices. … Read more
January 5, 2024 at 07:18AM Ivanti warned of a critical vulnerability in its Endpoint Manager product, CVE-2023-39336, allowing remote code execution and potential device takeover. The issue affects EPM 2022 Service Update 4 and all prior versions, with a fix available in EPM 2022 Service Update 5. Ivanti restricts details to customers, suggesting proactive patching … Read more
January 5, 2024 at 03:27AM Ivanti has issued security updates for a critical flaw in its Endpoint Manager solution, posing a remote code execution risk. The vulnerability, rated 9.6 on the CVSS scale, affects EPM 2021 and 2022 prior to SU5. Ivanti also addressed multiple security flaws in its Avalanche enterprise mobile device management solution, … Read more