← ExploitWatch
HomeExploited Vulnerabilities

CVE-2024-29824 — Actively Exploited: Endpoint Manager (EPM) (Ivanti)

Ivanti Endpoint Manager (EPM) contains a SQL injection vulnerability in Core server that allows an unauthenticated attacker within the same network to execute arbitrary code.

CVE IDCVE-2024-29824
VendorIvanti
ProductEndpoint Manager (EPM)
Vulnerability nameIvanti Endpoint Manager (EPM) SQL Injection Vulnerability
Date added2024-10-02
Remediation due2024-10-23
Known ransomware useUnknown
Required actionApply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
DescriptionIvanti Endpoint Manager (EPM) contains a SQL injection vulnerability in Core server that allows an unauthenticated attacker within the same network to execute arbitrary code.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →