"Ivanti Warns Critical EPM Bug Lets Hackers Hijack Enrolled Devices"

A critical Remote Code Execution (RCE) vulnerability in Ivanti's Endpoint Management (EPM) software could have enabled unauthenticated attackers to take control of enrolled devices or the core server. Ivanti EPM helps manage client devices running various platforms. The now-fixed security vulnerability, tracked as CVE-2023-39336, could have allowed an attacker with access to a target's internal network to launch low-complexity attacks that do not require privileges or user interaction. This article continues to discuss the potential exploitation and impact of the critical EPM flaw.

Bleeping Computer reports "Ivanti Warns Critical EPM Bug Lets Hackers Hijack Enrolled Devices"

Submitted by grigby1

Submitted by Gregory Rigby on