A new vulnerability, CVE-2024-22026, has been discovered in Ivanti Endpoint Manager Mobile (EPMM), also known as MobileIron Core, allowing a local attacker to gain root access. This exploit involves sending a fake RPM package to the system, resulting in potential security breaches. Ivanti has released patches for versions 12
1.0.0, 12.0.0.0, and 11.12.0.1 to address this vulnerability, emphasizing the importance of updating to mitigate risks. The exploit involves creating a malicious RPM package that, once installed using a specific CLI command, allows the attacker to gain full control over the system. The severity of this vulnerability is still being assessed to understand its potential impact on affected systems. https://cybersecuritynews.com/poc-exploit-released/