vuln disclosure
Ivanti Endpoint Manager Local Privilege Escalation via Buffer OverflowCVE-2024-22058
A buffer overflow vulnerability in Ivanti Endpoint Manager (EPM) up to version 2021.1 SU5 allows local privilege escalation. The flaw resides in the issuser.exe component, where a user-controlled size field in a network packet leads to an unbounded strncpy into a fixed-size buffer in the .data segment. Exploitation can overwrite a function pointer used by the C++ exception handler, enabling arbitrary code execution.