CISA warns that hackers are actively exploiting a newly discovered vulnerability in Ivanti Endpoint Manager, enabling remote code execution on affected customers' servers.
CISA's advisory indicates that federal agencies must update their systems by October 23 to prevent exploitation of the vulnerability tracked as CVE-2024-29824.
Ivanti confirmed that a 'limited number' of customers were targeted by the exploitation of this vulnerability, though details on customer data remain undisclosed.
Ivanti has faced multiple incidents of vulnerability exploitation, including recent mass-exploitation of flaws in its Connect Secure VPN solution.
Collection
[
|
...
]