Ivanti: >> Endpoint Manager >> 2021.1 Security Vulnerabilities
A improper input validation vulnerability exists in Ivanti Endpoint Manager 2022 and below that could allow privilege escalation or remote code execution.
CVSS Score
9.8
EPSS Score
0.776
Published
2023-07-01
A privilege escalation vulnerability is identified in Ivanti EPM (LANDesk Management Suite) that allows a user to execute commands with elevated privileges.
CVSS Score
9.8
EPSS Score
0.069
Published
2022-12-05
XML Injection with Endpoint Manager 2022. 3 and below causing a download of a malicious file to run and possibly execute to gain unauthorized privileges.
CVSS Score
7.8
EPSS Score
0.006
Published
2022-12-05
The “LANDesk(R) Management Agent” service exposes a socket and once connected, it is possible to launch commands only for signed executables. This is a security bug that allows a limited user to get escalated admin privileges on their system.
CVSS Score
6.7
EPSS Score
0.001
Published
2022-09-23
Page 10