CVE-2024-29847: Ivanti Addresses Maximum Severity RCE Vulnerability in Endpoint Manager

On 10 September 2024, Ivanti released fixes for CVE-2024-29847, a maximum severity vulnerability in Ivanti Endpoint Manager (EPM).

On 10 September 2024, Ivanti released fixes for CVE-2024-29847, a maximum severity vulnerability in Ivanti Endpoint Manager (EPM). This flaw, found in the agent portal of specific EPM versions, allows Remote Code Execution (RCE) by an unauthenticated attacker due to improper deserialisation of untrusted data.

Ivanti has stated that no exploitation of CVE-2024-29847 has been detected in the wild, and Arctic Wolf has not identified any publicly accessible proof of concept (PoC) exploit code. Earlier this year, reports emerged that Chinese state-affiliated threat actors targeted two other Ivanti vulnerabilities in a widespread campaign, compromising thousands of devices. Given this history of targeting Ivanti products, these vulnerabilities could soon attract attention due to the significant access that can be gained by compromising the EPM core server.

Recommendation for CVE-2024-29847

Upgrade to Latest Fixed Version

Arctic Wolf strongly recommends that customers upgrade to the latest fixed version.

Product

Affected Version

Fixed Version

Ivanti Endpoint Manager

2024

2024 with Security Patch (Need to apply both July and September)

2024 SU1 (To be released)

Ivanti Endpoint Manager

2022 SU5 and earlier

2022 SU6

Please follow your organisation’s patching and testing guidelines to avoid any operational impact.

References

Ivanti Security Advisory

Ivanti Connect Secure Exploitation

© 2025 Arctic Wolf Networks Inc. All Rights Reserved.
Privacy Notice	Terms of Use	Cookie Policy	Customer Portal Policy	Accessibility Statement	Sustainability Statement	Information Security	Cookies Settings

Platform

Concierge

Journey

Reduce Attack Frequency

Reduce Attack Severity

Transfer Risk

Get Started

Why Arctic Wolf

Expertise by Topic

Expertise by Industry

Resource Centre

Trending Resources

NIS2 aims to make the EU as a whole more resilient to cyber threats and strengthen cooperation between Member States on cybersecurity.

The Arctic Wolf State of Cybersecurity: 2025 Trends Report serves as an opportunity for decision makers to share their experiences over the past 12 months and their perspectives on some of the most important issues shaping the IT and security landscape.

The Arctic Wolf Threat Report draws upon the first-hand experience of our security experts, augmented by research from our threat intelligence team.

Security Bulletins

Arctic Wolf Observes Social Engineering Campaign Targeting IT Staff of Healthcare Providers to Reset User Credentials

Pre-Authenticated RCE Chain Disclosed in Sitecore XP

Trend Micro Fixes Several Critical Vulnerabilities in Apex Central and Endpoint Encryption PolicyServer

Company

Careers

Press

CVE-2024-29847: Ivanti Addresses Maximum Severity RCE Vulnerability in Endpoint Manager

Recommendation for CVE-2024-29847

Upgrade to Latest Fixed Version

Popular Topics

Share this post:

What to read next

Earl Grey House
77 Grey St. 3rd Floor
Newcastle upon Tyne
NE1 6EF
UK

© 2025 Arctic Wolf Networks Inc. All Rights Reserved.

Privacy Notice

Terms of Use

Cookie Policy

Customer Portal Policy

Accessibility Statement

Sustainability Statement

Information Security

Cookies Settings

Platform

Concierge

Journey

Reduce Attack Frequency

Reduce Attack Severity

Transfer Risk

Get Started

Why Arctic Wolf

Expertise by Topic

Expertise by Industry

Resource Centre

Trending Resources

NIS2 aims to make the EU as a whole more resilient to cyber threats and strengthen cooperation between Member States on cybersecurity.

The Arctic Wolf State of Cybersecurity: 2025 Trends Report serves as an opportunity for decision makers to share their experiences over the past 12 months and their perspectives on some of the most important issues shaping the IT and security landscape.

The Arctic Wolf Threat Report draws upon the first-hand experience of our security experts, augmented by research from our threat intelligence team.

Security Bulletins

Arctic Wolf Observes Social Engineering Campaign Targeting IT Staff of Healthcare Providers to Reset User Credentials

Pre-Authenticated RCE Chain Disclosed in Sitecore XP

Trend Micro Fixes Several Critical Vulnerabilities in Apex Central and Endpoint Encryption PolicyServer

Company

Careers

Press

CVE-2024-29847: Ivanti Addresses Maximum Severity RCE Vulnerability in Endpoint Manager

Recommendation for CVE-2024-29847

Upgrade to Latest Fixed Version

Popular Topics

Share this post:

What to read next

4 min read

Pre-Authenticated RCE Chain Disclosed in Sitecore XP

8 min read

Trend Micro Fixes Several Critical Vulnerabilities in Apex Central and Endpoint Encryption PolicyServer

2 min read

Arctic Wolf Observes Organisations Receiving Unsolicited Microsoft MFA Messages

16 min read

Microsoft Patch Tuesday: June 2025

Earl Grey House 77 Grey St. 3rd Floor Newcastle upon TyneNE1 6EF UK

© 2025 Arctic Wolf Networks Inc. All Rights Reserved.

Earl Grey House
77 Grey St. 3rd Floor
Newcastle upon Tyne
NE1 6EF
UK