CVE-2024-34783 – Ivanti Endpoint Manager LoadSlotsTable SQL Injection Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-34783
An unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker with admin privileges to achieve remote code execution. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Endpoint Manager. ... An attacker can leverage this vulnerability to execute code in the context of the service account. • https://forums.ivanti.com/s/article/Security-Advisory-EPM-September-2024-for-EPM-2024-and-EPM-2022 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2024-8191 – Ivanti Endpoint Manager WasPreviouslyMapped SQL Injection Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-8191
SQL injection in the management console of Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote unauthenticated attacker to achieve remote code execution. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Endpoint Manager. ... An attacker can leverage this vulnerability to execute code in the context of the service account. • https://forums.ivanti.com/s/article/Security-Advisory-EPM-September-2024-for-EPM-2024-and-EPM-2022 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2024-8012 – Ivanti Workspace Control RES Exposed Dangerous Method Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-8012
An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the RES service, which listens on TCP port 1942 by default. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Workspace-Control-IWC • CWE-288: Authentication Bypass Using an Alternate Path or Channel •
CVE-2024-8190 – Ivanti Cloud Services Appliance OS Command Injection Vulnerability
https://notcve.org/view.php?id=CVE-2024-8190
An OS command injection vulnerability in Ivanti Cloud Services Appliance versions 4.6 Patch 518 and before allows a remote authenticated attacker to obtain remote code execution. • https://github.com/horizon3ai/CVE-2024-8190 https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Cloud-Service-Appliance-CSA-CVE-2024-8190 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVE-2024-8504 – VICIdial Authenticated Remote Code Execution
https://notcve.org/view.php?id=CVE-2024-8504
An attacker with authenticated access to VICIdial as an "agent" can execute arbitrary shell commands as the "root" user. This attack can be chained with CVE-2024-8503 to execute arbitrary shell commands starting from an unauthenticated perspective. An attacker with authenticated access to VICIdial version 2.14-917a as an agent can execute arbitrary shell commands as the root user. This attack can be chained with CVE-2024-8503 to execute arbitrary shell commands starting from an unauthenticated perspective. • https://github.com/Chocapikk/CVE-2024-8504 https://korelogic.com/Resources/Advisories/KL-001-2024-012.txt https://www.vicidial.org/vicidial.php • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •