VYPR
Critical severity9.8NVD Advisory· Published Sep 12, 2024· Updated Jun 17, 2026

CVE-2024-29847

CVE-2024-29847

Description

Deserialization of untrusted data in the agent portal of Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote unauthenticated attacker to achieve remote code execution.

Affected products

2
  • Ivanti/EPMllm-fuzzy2 versions
    <2022 SU6 or 2024 September update+ 1 more
    • (no CPE)range: <2022 SU6 or 2024 September update
    • (no CPE)range: 2024 September Security Update

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.