← ExploitWatch
HomeExploited Vulnerabilities

CVE-2021-44529 — Actively Exploited: Endpoint Manager Cloud Service Appliance (EPM CSA) (Ivanti)

Ivanti Endpoint Manager Cloud Service Appliance (EPM CSA) contains a code injection vulnerability that allows an unauthenticated user to execute malicious code with limited permissions (nobody).

CVE IDCVE-2021-44529
VendorIvanti
ProductEndpoint Manager Cloud Service Appliance (EPM CSA)
Vulnerability nameIvanti Endpoint Manager Cloud Service Appliance (EPM CSA) Code Injection Vulnerability
Date added2024-03-25
Remediation due2024-04-15
Known ransomware useKnown
Required actionApply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
DescriptionIvanti Endpoint Manager Cloud Service Appliance (EPM CSA) contains a code injection vulnerability that allows an unauthenticated user to execute malicious code with limited permissions (nobody).
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →