Ivanti EPMM privilege escalation flaw exploit now available, CVE 2024-22026

May 20, 2024
1 min read

TLDR:

  • A PoC exploit for CVE-2024-22026, a privilege escalation bug affecting Ivanti EPMM, has been released.
  • The vulnerability allows attackers to create a backdoor account with root access.

Technical details about and a proof-of-concept (PoC) exploit for CVE-2024-22026, a privilege escalation bug affecting Ivanti EPMM, has been released by the vulnerability’s reporter. The vulnerability was discovered by Bryan Smith and affects Ivanti EPMM v12.0 and earlier. The exploit allows attackers to elevate their privileges by creating a new user account with root access. This backdoor account bypasses the intended restricted shell environment, leading to complete system compromise and potential network intrusion.

CVE-2024-22026, as well as two SQL injection flaws, have been fixed in Ivanti EPMM v12.1.0.0. To mitigate the risk of exploitation, admins are advised to upgrade their installations to the latest available version as soon as possible.

Latest from Blog

Boosting Indonesia’s Cybersecurity Post Ransomware Attacks

Strengthening Indonesia’s Cybersecurity Defenses In Wake Of Ransomware Attacks TLDR: – Recent ransomware attack on Indonesia’s National Data Centre highlights need for strong cybersecurity measures – Key recommendations include regular security audits,

Simplify your workload with AI-powered threat intelligence reports

TLDR: Cybersecurity professionals face challenges managing workloads, budgets, and attack surfaces. AI-driven threat intelligence reporting tool, IQ Report Generator by Cybersixgill, helps automate and streamline the reporting process. Article Summary: Cybersecurity professionals