Ivanti has released patches for multiple critical security vulnerabilities in its Endpoint Manager (EPM). These vulnerabilities, identified as CVE-2024-29822 through CVE-2024-29827, include six SQL injection flaws that allow remote code execution (RCE) without authentication. The company's proactive measures follow earlier incidents this year when Ivanti devices were hacked, prompting collaboration with the Cybersecurity and Infrastructure Security Agency (CISA) to address the vulnerabilities. The patches aim to mitigate the risks associated with these critical flaws and enhance the security of the Endpoint Manager.