Get all your news in one place.
100’s of premium titles.
One app.
Start reading
TechRadar
TechRadar
Sead Fadilpašić

Ivanti fixes critical security flaw that could let hackers hijack work devices, so patch now

A digital padlock on a blue digital background.

Ivanti has addressed a critical vulnerability in one of its products which could have allowed threat actors to drop all kinds of malware on flawed endpoints. 

As per an advisory released by the company earlier this week, the flaw is a remote code execution (RCE) vulnerability found in its Endpoint Management Software (EPM), BleepingComputer reported.

By abusing the flaw, threat actors could hijack enrolled devices or even the core server. The vulnerability is now tracked as CVE-2023-39336, and affects all supported EPM versions. If your organization is using the software, make sure to update it to version 2022 Service Update 5. 

No evidence of abuse

To abuse the flaw, the attackers don’t require special privileges, or even user interaction. The only thing they need is access to the target’s internal network. "If exploited, an attacker with access to the internal network can leverage an unspecified SQL injection to execute arbitrary SQL queries and retrieve output without the need for authentication," Ivanti says. "This can then allow the attacker control over machines running the EPM agent. When the core server is configured to use SQL express, this might lead to RCE on the core server."

The good news is that Ivanti was proactive about the flaw. There is no evidence of hackers abusing it in the wild, or client complaints of hacking attempts. Further details about the flaw, found in the advisory, are currently unavailable, likely to give most customers a chance to apply the patch before other threat actors learn about the hole.

Ivanti’s EPM is a unified platform designed to help businesses manage user profiles and client devices. It supports Windows, macOS, Linux, Chrome OS, and different IoT platforms. It also comes with Day Zero support, promising swift management without loss of functionality, or downtime.

The company counts more than 40,000 clients around the world.

More from TechRadar Pro

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
One subscription that gives you access to news from hundreds of sites
Already a member? Sign in here
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.