CVE-2024-29824CISA KEVEPSS p100.0%

CVE-2024-29824Ivanti Endpoint Manager (EPM) SQL Injection Vulnerability

Ivanti / Endpoint Manager (EPM)

Description

Ivanti Endpoint Manager (EPM) contains a SQL injection vulnerability in Core server that allows an unauthenticated attacker within the same network to execute arbitrary code.

Scoring

EPSS99.95% probability of exploitation · percentile 100.0% · 2026-06-15T12:03:41Z

CISA KEV entry

Added to KEV: 2024-10-02

(incoming)1

TypeTargetConfidenceTier
KEVEntryIvanti Endpoint Manager (EPM) SQL Injection Vulnerabilitykev-cve-2024-298240%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2026-8111
CVE
Ivanti Endpoint Manager Mobile (EPMM) Code Injection Vulnerability
CVE
Ivanti Endpoint Manager (EPM) Authentication Bypass Vulnerability
CVE
Ivanti Cloud Services Appliance (CSA) SQL Injection Vulnerability
CVE
Ivanti Endpoint Manager (EPM) Absolute Path Traversal Vulnerability
CVE
Ivanti Endpoint Manager Cloud Service Appliance (EPM CSA) Code Injection Vulnerability
Sourced from NVD + CISA KEV + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.