Ivanti has announced a critical security vulnerability in its Endpoint Manager (EPM), a tool relied upon by countless organisations to maintain their IT assets. The flaw allows attackers to execute code remotely, putting entire estates at risk. If you have not yet patched your EPM deployment, it is essential to act immediately.
The disclosed vulnerability effectively hands over system control to adversaries and represents a particularly dangerous form of remote code execution (RCE). Attackers can use RCE to install malicious software, access sensitive data, or move laterally through IT environments, further amplifying the potential harm.
Endpoint management solutions operate with extensive privileges across networks, tasked with coordinating updates, applying policies, and maintaining connections with every workstation or device. A single compromise could quickly cascade, impacting hundreds or thousands of endpoints, rather than being isolated to one device.
Ivanti has strongly advised its customers to patch affected systems without delay. While a swift response is vital, this incident underscores a broader principle: even mature, widely used products are not immune to severe vulnerabilities. These events reinforce the need for IT teams to consistently prioritise patch management, maintain scepticism about vendor security, and implement layered defensive measures to limit the impact when security gaps do emerge.
If you are running Ivanti EPM, install the latest update as soon as possible. For all IT professionals, remember that maintaining security is an ongoing process; software updates and critical vulnerability disclosures are an inevitable part of the landscape.
Original Story: Bleeping Computer
