Ethical Hacking News
Ivanti, a leading provider of endpoint management solutions, has been plagued by four critical path traversal vulnerabilities in its Endpoint Manager product. These severe flaws have left many organizations vulnerable to potential cyber threats. In this article, we will delve deeper into the nature of these vulnerabilities and why patching is essential to protect against them.
Ivanti's Endpoint Manager product has four critical vulnerabilities rated 9.8 out of 10 on the Common Vulnerability Scoring System (CVSS) severity scale. The first flaw, CVE-2024-10811, is an absolute path traversal vulnerability that allows unauthorized access to sensitive information. A remote unauthenticated attacker can exploit CVE-2024-13161 and CVE-2024-13160 to leak sensitive data and manipulate the Endpoint Manager host machine. The fourth vulnerability, CVE-2024-13159, is also an absolute path traversal flaw that allows a remote unauthenticated attacker to leak sensitive information. These vulnerabilities can be exploited through certain API calls, potentially resulting in the release of sensitive information like NTLMv2 hashes.
Ivanti, a leading provider of endpoint management solutions, has recently discovered four critical vulnerabilities in its Endpoint Manager product. These flaws, all rated 9.8 out of 10 on the Common Vulnerability Scoring System (CVSS) severity scale, pose a significant risk to organizations relying on Ivanti's products for their cybersecurity needs.
The first flaw, CVE-2024-10811, is an absolute path traversal vulnerability that allows an unauthenticated attacker to access sensitive information. This means that an attacker could potentially exploit this vulnerability to gain unauthorized access to the endpoint manager's host machine and steal sensitive data.
A similar vulnerability, CVE-2024-13161, was found in Ivanti's Windows-based product. It also allows absolute path traversal attacks, enabling a remote unauthenticated attacker to leak sensitive information.
The third vulnerability, CVE-2024-13160, is another absolute path traversal flaw that can be exploited by an unauthenticated attacker to access and manipulate sensitive data. This exploit could potentially allow attackers to use Ivanti's Endpoint Manager in relay attacks, which could result in a system compromise.
Similarly, the fourth and final vulnerability, CVE-2024-13159, is also an absolute path traversal flaw, allowing a remote unauthenticated attacker to leak sensitive information and coerce the Ivanti Endpoint Manager machine account credential for use in relay attacks.
These four vulnerabilities can be exploited by an unauthenticated attacker through certain API calls. This allows an attacker to access the directory of a remote server from within the endpoint manager's web-based APIs, potentially resulting in the release of sensitive information such as NTLMv2 hashes.
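The following is an added example, not code from Ivanti or from the original article. It shows why joining a caller-supplied path onto a base directory does not contain absolute or UNC input, and what a server-side check that rejects such input looks like. The base directory `C:\app\data`, the host name `host.example` and the function names are assumptions made for this illustration.

```python
from pathlib import PureWindowsPath

# Hypothetical base directory for this example; not a path taken from Ivanti EPM.
BASE = PureWindowsPath(r"C:\app\data")


def naive_join(user_path: str) -> PureWindowsPath:
    """Weak pattern: an absolute or UNC input silently replaces BASE."""
    return BASE / user_path


def safe_join(user_path: str) -> PureWindowsPath:
    """Return a path under BASE, or raise ValueError for input that could leave it."""
    candidate = PureWindowsPath(user_path)
    # Drive letters (C:\x, C:x), UNC shares (\\host\share) and rooted paths (\x)
    # all carry a drive or root component. A UNC path is the dangerous case here:
    # opening it makes the server authenticate to the named remote host.
    if candidate.drive or candidate.root:
        raise ValueError(f"absolute or UNC path rejected: {user_path!r}")
    # Reject parent-directory segments outright instead of normalising them.
    if ".." in candidate.parts:
        raise ValueError(f"parent traversal rejected: {user_path!r}")
    # Reject empty input and ':' (NTFS alternate data stream syntax).
    if not candidate.parts or ":" in user_path:
        raise ValueError(f"invalid file name: {user_path!r}")
    return BASE / candidate


if __name__ == "__main__":
    # Constructed sample inputs, for illustration only.
    samples = [
        r"reports\q1.txt",
        r"C:\Windows\win.ini",
        r"\\host.example\share\f.txt",
        r"..\..\secret.txt",
    ]
    for s in samples:
        try:
            verdict = f"allowed -> {safe_join(s)}"
        except ValueError as exc:
            verdict = f"rejected ({exc})"
        print(f"{s!r}: naive={naive_join(s)} | safe={verdict}")
```

`PureWindowsPath` applies Windows path rules on any operating system, so the check can be exercised without a Windows host.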
The PoC (Proof-of-Concept) exploit code for these four vulnerabilities was made available by Zach Hanley, a vulnerability researcher at infosec consultancy Horizon3.ai. This has provided more detailed insights into the vulnerabilities and their potential impact on organizations using Ivanti Endpoint Manager products.
Ivanti released patches in January to address these critical security holes. The patch has since been updated to V2 to fix an issue with the Windows "Action" tab that prevented users from creating new Windows Action packages or editing existing ones.
The discovery and exploitation of these four vulnerabilities highlight the importance of keeping software up to date and regularly applying patches to prevent system compromises. Organizations relying on Ivanti's products for their cybersecurity needs should revisit their patching schedules as soon as possible.
In conclusion, this article provides an in-depth look at the recently discovered critical path traversal vulnerabilities in Ivanti Endpoint Manager products. These flaws pose a significant risk to organizations using these products and emphasize the need for timely software updates and patches to ensure system security.
Related Information:
https://www.theregister.com/2025/02/21/ivanti_traversal_flaw_poc_exploit/
https://www.msn.com/en-us/technology/cybersecurity/ivanti-endpoint-manager-can-become-endpoint-ravager-thanks-to-quartet-of-critical-flaws/ar-AA1zuwbR
https://nvd.nist.gov/vuln/detail/CVE-2024-10811
https://www.cvedetails.com/cve/CVE-2024-10811/
https://nvd.nist.gov/vuln/detail/CVE-2024-13161
https://www.cvedetails.com/cve/CVE-2024-13161/
https://nvd.nist.gov/vuln/detail/CVE-2024-13160
https://www.cvedetails.com/cve/CVE-2024-13160/
https://nvd.nist.gov/vuln/detail/CVE-2024-13159
https://www.cvedetails.com/cve/CVE-2024-13159/
Published: Fri Feb 21 01:23:12 2025 by llama3.2 3B Q4_K_M