From 7740c9d3b35fa67289698246bfa53caa9509c48d Mon Sep 17 00:00:00 2001
From: Serki Ashagre <132869385+LSerki@users.noreply.github.com>
Date: Thu, 18 Jul 2024 10:28:27 +0800
Subject: [PATCH] Ivanti Releases New Security Advisories - 20240718004

---
 ...Ivanti-Releases-New-Security-Advisories.md | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)
 create mode 100644 docs/advisories/20240718004-Ivanti-Releases-New-Security-Advisories.md

diff --git a/docs/advisories/20240718004-Ivanti-Releases-New-Security-Advisories.md b/docs/advisories/20240718004-Ivanti-Releases-New-Security-Advisories.md
new file mode 100644
index 00000000..74359985
--- /dev/null
+++ b/docs/advisories/20240718004-Ivanti-Releases-New-Security-Advisories.md
@@ -0,0 +1,19 @@
+# Ivanti Releases New Security Advisories - 20240718004
+
+## Overview
+
+Ivanti has issued its July Security Update, which includes fixes for the following solutions: Ivanti Endpoint Manager (EPM), Ivanti Endpoint Manager for Mobile (EPMM) and Ivanti Docs@Work for Android
+
+## What is vulnerable?
+
+| Product(s) Affected | Version(s) | CVE                                                                                                                                       | CVSS          | Severity                                                         |
+| ------------------- | ---------- | ----------------------------------------------------------------------------------------------------------------------------------------- | ------------- | ---------------------------------------------------------------- |
+| Endpoint Manager (EPM)      | all supported versions of EPM 2024    | [CVE-2024-37381](https://nvd.nist.gov/vuln/detail/CVE-2024-37381)                                                                         | 8.4           | High                                     |
+| Endpoint Manager for Mobile (EPMM)      | all supported versions of EPMM    | [CVE-2024-36130](https://nvd.nist.gov/vuln/detail/CVE-2024-36130) </br> [CVE-2024-36131](https://nvd.nist.gov/vuln/detail/CVE-2024-36131) </br> [CVE-2024-36132](https://nvd.nist.gov/vuln/detail/CVE-2024-36132)</br> [CVE-2024-34788](https://nvd.nist.gov/vuln/detail/CVE-2024-34788)| 8.8 </br> 8.8 </br> 8.2 </br> 5.3 | High  </br> High </br> High </br> Medium|
+| Docs@Work for Android      | all versions before 2.26.0    | [CVE-2024-37403](https://nvd.nist.gov/vuln/detail/CVE-2024-37403)                                                                         | 5.0           | Medium                                     |
+
+## Recommendation
+
+The WA SOC recommends administrators apply the solutions as per vendor instructions to all affected devices within expected timeframe (refer [Patch Management](../guidelines/patch-management.md)):
+
+- [Ivanti July Security Update](https://www.ivanti.com/blog/july-security-update)