Full Report
Ivanti has rolled out security updates to address several security flaws impacting Avalanche, Application Control Engine, and Endpoint Manager (EPM), including four critical bugs that could lead to information disclosure. All four critical security flaws, rated 9.8 out of 10.0 on the CVSS scale, are rooted in EPM, and concern absolute path traversal flaws that allow a remote unauthenticated
Analysis Summary
# Vulnerability: Critical Path Traversal Flaws in Ivanti Endpoint Manager Leading to Information Disclosure
## CVE Details
- CVE ID: CVE-2024-10811, CVE-2024-13161, CVE-2024-13160, CVE-2024-13159
- CVSS Score: 9.8 (Critical)
- CWE: Absolute Path Traversal (implied by the description; leads to unauthenticated information disclosure)
## Affected Systems
- Products: Ivanti Endpoint Manager (EPM)
- Versions: EPM 2024 November security update and prior, and EPM 2022 SU6 November security update and prior.
- Configurations: Not specified, but the flaws allow remote, unauthenticated access.
## Vulnerability Description
Ivanti Endpoint Manager (EPM) contains four critical absolute path traversal vulnerabilities. Successful exploitation allows a remote, unauthenticated attacker to disclose sensitive system information.
## Exploitation
- Status: No evidence of exploitation in the wild reported by the vendor.
- Complexity: Expected to be Low, given the Critical CVSS score and unauthenticated remote vector.
- Attack Vector: Network
## Impact
- Confidentiality: High (Information Disclosure of sensitive system files)
- Integrity: Low (No direct mention of modification capabilities)
- Availability: Low (No direct mention of denial of service)
## Remediation
### Patches
- EPM 2024 January-2025 Security Update
- EPM 2022 SU6 January-2025 Security Update
### Workarounds
- No specific workarounds are described; applying the patches above is the only remediation given.
## Detection
- The article does not specify detection methods or tools. Monitoring network traffic for unusual access attempts against EPM components that handle file paths is recommended.
## References
- Vendor advisory: hxxps://www.ivanti.com/blog/january-security-update
- General reporting link (defanged): hxxps://thehackernews.com/2025/01/researcher-uncovers-critical-flaws-in.html