KEVIntel
Back to KEVs
9.6
CVSS
Critical

CVE-2024-29824

PUBLISHED

An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same...

Exploited in the wild PoC available Low complexity No user interaction
Vendor
Ivanti
Product
EPM
Published
May 31, 2024
EPSS

Description

An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary code.

cisa nuclei_scanner edge metasploit nessus_scanner

CVSS scores

CVSS v3.0 9.6 Critical

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Exploitation status

Exploited in the wild

Recorded 2024-10-02 00:00:00 UTC · Source

Proof of concept available

Recorded 2024-06-12 13:53:32 UTC · Source

SSVC decision points

Exploitation
active
Automatable
Yes
Technical impact
total

References

Known exploited vulnerability sources

Catalogues that list this CVE as a known exploited vulnerability.

Source Added
CISA Oct 02, 2024

Scanner integrations

Scanner Reference Detected
Metasploit https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/ivanti_epm_recordgoodapp_sqli_rce.rb Apr 28, 2025
Nuclei https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2024/CVE-2024-29824.yaml Apr 25, 2025

Potential proof of concepts

These PoCs are unverified and could contain malware. Use at your own risk.

ivanti_epm_recordgoodapp_sqli_rce

metasploit · Created Unknown

Metasploit module for CVE-2024-29824

horizon3ai/CVE-2024-29824

github · Created 2024-06-12 13:53:32 UTC · 22 stars

Ivanti EPM SQL Injection Remote Code Execution Vulnerability

Timeline

  • CVE ID Reserved

  • CVE Published to Public

  • Proof of Concept Exploit Available

  • Added to KEVIntel

  • Detected by Nuclei

  • Detected by Metasploit