The Digital Security Authority (DSA) wants to bring to your attention a critical vulnerability in Ivanti's endpoint management (EPM) software.
Details
Ivanti has released security updates to address a critical flaw impacting its Endpoint Manager (EPM) solution, which, if successfully exploited, could result in remote code execution (RCE) on susceptible servers. The vulnerability, tracked as CVE-2023-39336, has been rated 9.6 out of 10 on the CVSS scoring system. If exploited, an attacker with access to the internal network can leverage an unspecified SQL injection to execute arbitrary SQL queries and retrieve output without the need for authentication. This can then give the attacker control over machines running the EPM agent. This applies to all instances of MSSQL.
Fixed Version:
• EPM 2022: Service Update 5
Recommendations:
The Digital Security Authority (DSA) recommends immediately applying the relevant security updates to Ivanti EPM servers.
The information presented in this report is based on available data up to 08 January 2024.