American IT software company Ivanti warned customers today to patch a newly disclosed vulnerability in its Endpoint Manager (EPM) solution that could allow attackers to execute code remotely. Ivanti ...

New research points to flaws used in targets against cloud instances The flaws were previously found in on-prem attacks Ivanti released a patch so apply it now Two bugs affecting Ivanti’s Endpoint ...

Ivanti has disclosed two zero-day vulnerabilities in its Endpoint Manager Mobile product that threat actors have chained together for remote code execution (RCE) attacks. In a security advisory ...

Ivanti warned customers today to patch their Ivanti Endpoint Manager Mobile (EPMM) software against two security vulnerabilities chained in attacks to gain remote code execution. "Ivanti has released ...

Three of the four critical path traversal flaws fixed in January in Ivanti Endpoint Manager are being exploited in cyberattacks after proof-of-concept exploit code was released last month. The US ...

Security supplier Ivanti has once again found itself at the centre of an expanding series of breaches after it emerged that two freshly disclosed vulnerabilities in a number of its products are likely ...

Hackers are actively targeting deployments of some Ivanti Inc. software products using a newly discovered security vulnerability. The company disclosed the exploit, which is tracked as CVE-2025-0282, ...

The UK’s National Cyber Security Centre (NCSC) and its US equivalent have urged Ivanti customers to take immediate action to mitigate two new vulnerabilities, one of which is being actively exploited.

The software maker announced that a stack-based buffer overflow flaw in its SSL VPN appliance has been exploited in the wild. Ivanti Policy Secure and Ivanti Neurons for ZTA gateways are also impacted ...

Customers of Ivanti’s Cloud Services Appliance (CSA) have been urged to update their product immediately after the vendor released details of three zero-day vulnerabilities that are being exploited in ...

The Cybersecurity and Infrastructure Security Agency (CISA) has added a third Ivanti vulnerability to the agency's Known Exploited Vulnerabilities (KEV) Catalog in as many weeks. CVE-2024-7593 is a ...

Ivanti has released a patch for a critical security vulnerability, advising users to apply it immediately to secure their infrastructure. In an advisory, Ivanti said it had uncovered a deserialization ...