cbcvebase.
CVE-2024-36130
published 2024-08-07

CVE-2024-36130: An insufficient authorization vulnerability in web component of EPMM prior to 12.1.0.1 allows an unauthorized attacker within the network to execute arbitrary…

PriorityP266critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
2.25%
80.7th percentile
An insufficient authorization vulnerability in web component of EPMM prior to 12.1.0.1 allows an unauthorized attacker within the network to execute arbitrary commands on the underlying operating system of the appliance.

Affected

2 ranges
VendorProductVersion rangeFixed in
ivantiendpoint_manager_mobile< 12.1.0.112.1.0.1
ivantiepmm>= 12.1.0.1 < 12.1.0.112.1.0.1

Detection & IOCsextracted from sources · hover to see the quote

  • Vulnerability exists in the web component of Ivanti EPMM (Endpoint Manager Mobile) prior to version 12.1.0.1, allowing unauthenticated network-adjacent attackers to execute arbitrary OS commands
  • ·Attacker must be within the network to exploit this vulnerability; exposure is limited to network-adjacent attackers, not remote internet-based attackers
  • ·Affected versions are Ivanti EPMM prior to 12.1.0.1; patching to 12.1.0.1 or later is required to remediate

CVSS provenance

nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv3.09.8CRITICALCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.