Source URL: https://www.cisa.gov/news-events/alerts/2024/11/12/ivanti-releases-security-updates-multiple-products
Source: Alerts
Title: Ivanti Releases Security Updates for Multiple Products
Feedly Summary: Ivanti released security updates to address vulnerabilities in Ivanti Endpoint Manager (EPM), Ivanti Avalanche, Ivanti Connect Secure, Ivanti Policy Secure, and Ivanti Security Access Client.
CISA encourages users and administrators to review the following Ivanti security advisories and apply the necessary guidance and updates:
Ivanti Security Advisory EPM
Ivanti Security Advisory Avalanche
Ivanti Security Advisory Connect Secure, Ivanti Policy Secure, and Ivanti Security Access Client
AI Summary and Description: Yes
Summary: Ivanti has released critical security updates for several of its endpoint and access management products to address identified vulnerabilities. The Cybersecurity and Infrastructure Security Agency (CISA) is urging users and administrators to review Ivanti’s security advisories and implement the recommended updates to strengthen their security posture.
Detailed Description: The release of security updates from Ivanti highlights the ongoing need for vigilance in managing vulnerabilities within enterprise software solutions. The advisories and updates pertain to multiple products that are integral to endpoint management and secure access, which are pivotal areas in the domains of information security and infrastructure security.
* Key updates include:
– **Ivanti Endpoint Manager (EPM)**: This product is vital for managing endpoints across an organization. Vulnerabilities can lead to unauthorized access, data breaches, or disruptions.
– **Ivanti Avalanche**: This solution is significant for managing mobile devices and associated applications. Security flaws here could jeopardize sensitive data in transit or at rest.
– **Ivanti Connect Secure and Policy Secure**: Both products serve critical functions in enabling secure remote access and enforcing security policies. Vulnerabilities can result in bypassing authentication measures or exposing sensitive data.
– **Ivanti Security Access Client**: As a component facilitating secure connections, flaws in this client can undermine the overall security architecture of an organization.
* Recommendations from CISA include:
– Review Ivanti’s security advisories to understand specific vulnerabilities and the associated risks.
– Apply the recommended security patches and updates promptly to mitigate the risks.
– Continuously monitor the status of these advisories to remain compliant with the latest security practices.
This situation emphasizes the importance of proactive security management and compliance within organizations that rely on Ivanti’s solutions. Security and compliance professionals must prioritize these updates as part of their ongoing risk management and security posture improvement initiatives.