CVE-2024-34787

CVSS 3.0 Score 7.8 of 10 (high)

Details

Published Nov 13, 2024
CWE ID 22

Summary

CVE-2024-34787 is a newly disclosed vulnerability affecting Ivanti Endpoint Manager versions prior to the November 2024 Security Update and 2022 SU6. This issue permits a local, unauthenticated attacker to execute arbitrary code through a path traversal vulnerability. Interaction from the user is required to exploit this weakness. This security flaw could lead to significant security risks if not addressed promptly by applying the available security updates.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share