CVE-2024-13169
CVSS 3.1 Score 7.8 of 10 (high)
Details
Summary
CVE-2024-13169 is a newly disclosed vulnerability affecting Ivanti Environmental Policy Manager (EPM) versions before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update. This issue permits a local authenticated attacker to perform an out-of-bounds read, leading to privilege escalation. Successful exploitation of this vulnerability could allow an attacker to gain elevated access to the system, potentially resulting in significant data loss or unauthorized system modifications. It is essential that affected organizations apply the relevant security updates as soon as possible to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.