Back to KEVs

CVE-2024-29824

An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same...

Basic Information

CVE State
PUBLISHED
Reserved Date
March 20, 2024
Published Date
May 31, 2024
Last Updated
November 05, 2024
Vendor
Ivanti
Product
EPM
Description
An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary code.
Tags
cisa nuclei_scanner edge metasploit_scanner

CVSS Scores

CVSS v3.0

9.6 - CRITICAL

Vector: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

SSVC Information

Exploitation
active
Automatable
Yes
Technical Impact
total

Exploit Status

Exploited in the Wild
Yes (2025-05-05 00:00:00 UTC) Source
Proof of Concept Available
Yes (added 2024-06-12 13:53:32 UTC) Source

References

https://forums.ivanti.com/s/article/Security-Advisory-May-2024

Known Exploited Vulnerability Information

Source Added Date
CISA 2024-10-02 00:00:00 UTC

Scanner Integrations

Scanner URL Date Detected
Metasploit https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/ivanti_epm_recordgoodapp_sqli_rce.rb 2025-04-29 11:01:38 UTC
Nuclei https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2024/CVE-2024-29824.yaml 2025-04-26 00:00:00 UTC

Potential Proof of Concepts

Warning: These PoCs have not been tested and could contain malware. Use at your own risk.

ivanti_epm_recordgoodapp_sqli_rce

Type: metasploit • Created: Unknown

Metasploit module for CVE-2024-29824

horizon3ai/CVE-2024-29824

Type: github • Created: 2024-06-12 13:53:32 UTC • Stars: 22

Ivanti EPM SQL Injection Remote Code Execution Vulnerability

Timeline

  • CVE ID Reserved

  • CVE Published to Public

  • Proof of Concept Exploit Available

  • Added to KEVIntel

  • Detected by Nuclei

  • Detected by Metasploit