Remote Code Execution Bug Exploited in Limited Attacks. Ivanti confirmed that hackers are exploiting an SQL injection vulnerability in its Ivanti Endpoint Manager enabling remote code execution, despite the company addressing the issue with a patch in May. The flaw allows unauthenticated attackers within the same network to execute arbitrary code.
First seen on govinfosecurity.com
Jump to article: www.govinfosecurity.com/ivanti-confirms-exploitation-old-critical-vuln-a-26452