Ivanti top priority is upholding our commitment to deliver and maintain secure products for our customers.
Ivanti vulnerability management program is designed to enable us to find, fix and disclose vulnerabilities in collaboration with the broader security ecosystem, and communicate responsibly and transparently with customers.
Ivanti is making a large investment in Secure by Design across our organisation and signed the CISA Secure by Design pledge in May.
In November 2024, fixes have been released for the following Ivanti solutions:
Ivanti Endpoint Manager (EPM)
Ivanti Avalanche
Ivanti Connect Secure
Ivanti Policy Secure
Ivanti Security Access Client
It is important for customers to know:
- Ivanti have no evidence of any of these vulnerabilities being exploited in the wild.
- These vulnerabilities do not impact any other Ivanti products or solutions.
More information on these vulnerabilities and detailed instructions on how to remediate the issues can be found in these Security Advisories:
- Ivanti EPM
- Ivanti Avalanche
- Ivanti Connect Secure, Ivanti Policy Secure and Ivanti Security Access Client
Ivanti Support team is always available to help customers and partners should they have any questions. Cases can be logged via the Success portal (login credentials required).