CVE-2024-50330: Ivanti Addresses Critical Severity RCE Vulnerability in Endpoint Manager

On 12 November 2024, Ivanti released fixes for CVE-2024-50330, a critical severity vulnerability in Ivanti Endpoint Manager (EPM).

On 12 November 2024, Ivanti released fixes for CVE-2024-50330, a critical severity vulnerability in Ivanti Endpoint Manager (EPM). This flaw allows Remote Code Execution (RCE) by an unauthenticated attacker.?

Ivanti has stated that no exploitation of CVE-2024-50330 has been detected in the wild, and Arctic Wolf has not identified any publicly accessible proof of concept (PoC) exploit code. Earlier this year, reports emerged that Chinese state-affiliated threat actors targeted two other Ivanti vulnerabilities in a widespread campaign, compromising . Given the significant access that could be obtained by exploiting this vulnerability and the history of Ivanti exploitation, it is likely threat actors will leverage the patch to create a PoC exploit.?

Recommendation for CVE-2024-50330

Upgrade to Latest Fixed Version

Arctic Wolf strongly recommends that customers upgrade to the latest fixed version.?

Product?

Affected Version?

Fixed Version?

Ivanti Endpoint Manager (EPM)??

2024 September security update and prior?

2022 SU6 September security update and prior??

2024 November Security Update?

2022 SU6 November Security Update?

Please follow your organisation’s patching and testing guidelines to avoid any operational impact.?

References?

? 2026 ��. All Rights Reserved.
Privacy Notice	Terms of Use	Cookie Policy	Customer Portal Policy	Accessibility Statement	Sustainability Statement	Information Security	Cookies Settings

��

��

Concierge

Journey

Reduce Attack Frequency

Reduce Attack Severity

Transfer Risk

Get Started

Why Arctic Wolf

Expertise by Topic

Expertise by Industry

Resource Centre

Trending Resources

NIS2 aims to make the EU as a whole more resilient to cyber threats and strengthen cooperation between Member States on cybersecurity.

The Arctic Wolf State of Cybersecurity: 2025 Trends Report serves as an opportunity for decision makers to share their experiences over the past 12 months and their perspectives on some of the most important issues shaping the IT and security landscape.

The Arctic Wolf Threat Report draws upon the first-hand experience of our security experts, augmented by research from our threat intelligence team.

Security Bulletins

Microsoft Patch Tuesday: April 2026?

CVE-2026-35616: Fortinet Releases Hotfix for Critical Exploited Vulnerability in FortiClient EMS

CVE-2026-2699 & CVE-2026-2701: Progress ShareFile Storage Zones Controller Pre-Auth RCE Chain

Company

Careers

Press