About the Vulnerability
Introduction
Ivanti Endpoint Manager (formerly known as LANDesk Management Suite) is a comprehensive endpoint management solution developed by Ivanti Corporation. It is primarily used to help businesses manage and secure a variety of endpoint devices in their network, including desktop computers, laptops, mobile devices, and servers.
Summary
On November 14, 2024, Sangfor FarSight Labs received notification of an SQL injection vulnerability (CVE-2024-50330) in an Ivanti Endpoint Manager component, classified as critical in threat level.
The Ivanti Endpoint Manager proxy portal contains an SQL injection vulnerability that unauthorized attackers can exploit to execute malicious SQL statements, run arbitrary code, and potentially compromise the server.
Affected Versions
Ivanti Endpoint Manager (EPM) 2024 < 2024 September security update
Ivanti Endpoint Manager (EPM) 2022 < 2022 SU6 September security update
Solutions
Official Solution
Updated versions that fix this vulnerability have been officially released. Affected users are advised to update Ivanti Endpoint Manager to the following versions:
2024 November Security Update
2022 SU6 November Security Update
Download Links:
Timeline
On November 14, 2024, Sangfor FarSight Labs received notification of the Ivanti Endpoint Manager SQL injection vulnerability.
On November 14, 2024, Sangfor FarSight Labs released a vulnerability alert.
References
https://forums.ivanti.com/s/article/Security-Advisory-EPM-November-2024-for-EPM-2024-and-EPM-2022