CVE-2021-44529 — Actively Exploited: Endpoint Manager Cloud Service Appliance (EPM CSA) (Ivanti)
Ivanti Endpoint Manager Cloud Service Appliance (EPM CSA) contains a code injection vulnerability that allows an unauthenticated user to execute malicious code with limited permissions (nobody).
| CVE ID | CVE-2021-44529 |
|---|---|
| Vendor | Ivanti |
| Product | Endpoint Manager Cloud Service Appliance (EPM CSA) |
| Vulnerability name | Ivanti Endpoint Manager Cloud Service Appliance (EPM CSA) Code Injection Vulnerability |
| Date added | 2024-03-25 |
| Remediation due | 2024-04-15 |
| Known ransomware use | Known |
| Required action | Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. |
| Description | Ivanti Endpoint Manager Cloud Service Appliance (EPM CSA) contains a code injection vulnerability that allows an unauthenticated user to execute malicious code with limited permissions (nobody). |
| Source | CISA Known Exploited Vulnerabilities |
🔍 Search all exploited vulnerabilities →
$1499/mo
Try ExploitWatch →