CVE-2024-13172 - Vulnerability Details - OpenCVE

Improper signature verification in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to achieve remote code execution. Local user interaction is required.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

No data.

No data.

No data.

References

Link	Providers
https://forums.ivanti.com/s/article/Security-Advisory-EPM-January-2025-for-EPM-2024-and-EPM-2022-SU6

History

Tue, 14 Jan 2025 17:30:00 +0000

Type	Values Removed	Values Added
Description		Improper signature verification in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to achieve remote code execution. Local user interaction is required.
Weaknesses		CWE-347
References		https://forums.ivanti.com/s/article/Security-Advisory-EPM-January-2025-for-EPM-2024-and-EPM-2022-SU6
Metrics		cvssV3_1 `{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'}`

MITRE

Status: PUBLISHED

Assigner: ivanti

Published: 2025-01-14T17:16:17.218Z

Updated: 2025-01-14T17:16:17.218Z

Reserved: 2025-01-07T02:28:59.790Z

Link: CVE-2024-13172

Vulnrichment

No data.

NVD

Status : Received

Published: 2025-01-14T18:15:29.110

Modified: 2025-01-14T18:15:29.110

Link: CVE-2024-13172

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-13172", "assignerOrgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "state": "PUBLISHED", "assignerShortName": "ivanti", "dateReserved": "2025-01-07T02:28:59.790Z", "datePublished": "2025-01-14T17:16:17.218Z", "dateUpdated": "2025-01-14T17:16:17.218Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "affected", "product": "Endpoint Manager", "vendor": "Ivanti", "versions": [{"status": "unaffected", "version": "2024 January-2025 Security Update", "versionType": "custom"}, {"status": "unaffected", "version": "2022 SU6 January-2025 Security Update", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">Improper signature verification</span><span style=\"background-color: rgb(255, 255, 255);\"> in </span><span style=\"background-color: rgb(255, 255, 255);\">Ivanti EPM</span><span style=\"background-color: rgb(255, 255, 255);\"> before</span><span style=\"background-color: rgb(255, 255, 255);\"> the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update</span><span style=\"background-color: rgb(255, 255, 255);\"> allows a </span><span style=\"background-color: rgb(255, 255, 255);\">remote</span> <span style=\"background-color: rgb(255, 255, 255);\">unauthenticated</span><span style=\"background-color: rgb(255, 255, 255);\"> attacker to </span><span style=\"background-color: rgb(255, 255, 255);\">achieve remote code execution. Local user interaction is </span><span style=\"background-color: rgb(255, 255, 255);\">required</span><span style=\"background-color: rgb(255, 255, 255);\">.</span>"}], "value": "Improper signature verification in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to achieve remote code execution. Local user interaction is required."}], "impacts": [{"capecId": "CAPEC-558", "descriptions": [{"lang": "en", "value": "CAPEC-558 Replace Trusted Executable"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-347", "description": "CWE-347 Improper Verification of Cryptographic Signature", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "shortName": "ivanti", "dateUpdated": "2025-01-14T17:16:17.218Z"}, "references": [{"url": "https://forums.ivanti.com/s/article/Security-Advisory-EPM-January-2025-for-EPM-2024-and-EPM-2022-SU6"}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 0.2.0"}}}}