January 4, 2024 at 04:46PM Ivanti resolved a critical remote code execution (RCE) vulnerability in its Endpoint Management software (EPM), impacting all supported versions. Attackers on internal networks can exploit the flaw without requiring privileges or user interaction. Ivanti has prevented public access to full details on the vulnerability, aiming to provide customers with time … Read more
December 21, 2023 at 07:33AM Ivanti has released Avalanche 6.4.2 to patch 20 vulnerabilities in its enterprise mobile device management product. The flaws, including critical ones, can be exploited for remote code execution and denial-of-service attacks. Customers are urged to install the patches promptly due to the potential targeting of Ivanti product vulnerabilities by threat … Read more
December 20, 2023 at 01:10PM Ivanti released security updates fixing 13 critical vulnerabilities in their Avalanche enterprise mobile device management (MDM) solution. The flaws relate to buffer overflows. Unauthenticated attackers could exploit them for remote code execution. All issues were resolved in Avalanche v6.4.2.313. CISA and NCSC-NO have expressed concern about potential widespread exploitation in … Read more