CVE-2024-8321: 
Ivanti Endpoint Manager vulnerability analysis and mitigation

A missing authentication vulnerability (CVE-2024-8321) was discovered in the Network Isolation feature of Ivanti Endpoint Manager (EPM). The vulnerability affects versions before 2022 SU6 and versions prior to the 2024 September update. This security flaw was disclosed on September 10, 2024, and received a CVSS v3.1 base score of 8.6 (HIGH) from NIST NVD (NVD).

The vulnerability is classified as CWE-306 (Missing Authentication for Critical Function). It allows remote unauthenticated attackers to manipulate the network isolation status of managed devices. The CVSS vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H indicates that the vulnerability can be exploited over the network, requires low attack complexity, needs no privileges or user interaction, and has a high impact on availability with scope changed (NVD).

The exploitation of this vulnerability could allow attackers to isolate managed devices from the network, potentially disrupting network segmentation strategies and leading to significant operational disruptions. This could affect organizations' ability to maintain proper network connectivity for their managed endpoints (Security Online).

Ivanti has released patches to address this vulnerability. Users of Ivanti EPM 2024 must apply both the July and September 2024 security patches. For Ivanti EPM 2022 users, updating to version 2022 SU6 or later is required to mitigate the vulnerability (Security Online).