What is CVE-2024-50324 — Path Traversal in Ivanti Endpoint Manager?

CVE-2024-50324 is a Path Traversal vulnerability in Ivanti Endpoint Manager allowing remote code execution by authenticated admins before the 2024 November Security Update or 2022 SU6 November Security Update.

Am I affected by CVE-2024-50324 in Ivanti Endpoint Manager?

You are affected if you are running Ivanti Endpoint Manager versions prior to the 2024 November Security Update or 2022 SU6 November Security Update and have authenticated administrators.

How do I fix CVE-2024-50324 in Ivanti Endpoint Manager?

Upgrade to the 2024 November Security Update or 2022 SU6 November Security Update. Implement network segmentation and restrict admin access as temporary mitigations.

Is CVE-2024-50324 being actively exploited?

While no public exploits are currently available, the vulnerability's nature suggests a potential for exploitation, and monitoring is recommended.

Where can I find the official Ivanti advisory for CVE-2024-50324?

Refer to the official Ivanti security advisory for detailed information and updates: [https://www.ivanti.com/support/security-advisories/](https://www.ivanti.com/support/security-advisories/)

CVE-2024-50324 — Vulnerability Details

NEXTGUARD

Scanner gratuitement

CVE-2024-50324 — Vulnerability Details | NextGuard

Étapes de Détectiontraduction en cours…

• windows / supply-chain:

Get-WinEvent -LogName Security -Filter "EventID = 4625 -Message contains 'Ivanti Endpoint Manager'" | Where-Object {$_.Properties[0].Value -match '\\'}

• windows / supply-chain:

Get-ScheduledTask | Where-Object {$_.TaskName -match 'Ivanti Endpoint Manager'}

• windows / supply-chain:

reg query "HKLM\Software\Ivanti\Endpoint Manager" /v UnauthorizedAccess

Traversée de chemin dans Ivanti Endpoint Manager avant la mise à jour de sécurité de novembre 2024 ou la mise à jour de sécurité de novembre 2022 SU6 permet à un attaquant authentifié distant disposant de privilèges d'administrateur d'obtenir une exécution de code distante.

Impact et Scénarios d'Attaque

Contexte d'Exploitation

Qui Est à Risquetraduction en cours…

Étapes de Détectiontraduction en cours…

Chronologie de l'Attaque

Renseignement sur les Menaces

Logiciel Affecté

Classification de Faiblesse (CWE)

Chronologie

Mitigation et Contournements

Comment corrigertraduction en cours…

Newsletter Sécurité CVE

Questions fréquentestraduction en cours…

What is CVE-2024-50324 — Path Traversal in Ivanti Endpoint Manager?

Am I affected by CVE-2024-50324 in Ivanti Endpoint Manager?

How do I fix CVE-2024-50324 in Ivanti Endpoint Manager?

Is CVE-2024-50324 being actively exploited?

Where can I find the official Ivanti advisory for CVE-2024-50324?

Ton projet est-il affecté ?