No active exploitation of the vulnerability, which stemmed from the agent portal's untrusted data serialization issue, has been observed so far, according to Ivanti, which also patched nearly two dozen other critical and high-severity bugs in EPM, Cloud Service Appliance, and Workspace Control.