Multiple Vulnerabilities in Ivanti Products Could Allow for Remote Code Execution –
Multiple vulnerabilities have been discovered in Ivanti products, the most severe of which could allow for remote code execution.
Ivanti Endpoint Manager is a client-based unified endpoint management software.Ivanti Cloud Service Appliance (CSA) is an Internet appliance that provides secure communication and functionality over the Internet.Ivanti Workspace Control (IWC) is a Windows desktop configuration and control software.
Successful exploitation could allow for remote code execution in the context of the system. Depending on the privileges associated with the system, an attacker could then install programs; view, change, or delete data. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
– Read More – Cyber Security Advisories – MS-ISAC