Ivanti Endpoint Manager Vulnerabilities: Update Now to Prevent RCE
Red Hot Cyber

Redazione RHC : 10 December 2025 15:59

Ivanti has released an urgent update for its Endpoint Manager (EPM) platform, addressing a set of significant vulnerabilities that could allow attackers to execute code of their choosing or hijack administrative sessions.

The update addresses four flaws in total: one rated critical and three rated high severity.

For organizations that cannot apply the patch immediately, Ivanti suggests segregating their networks as far as possible, stating: “If customers have not exposed their solution to the Internet, the risk of this vulnerability is significantly reduced.”

A Stored Cross-Site Scripting (XSS) vulnerability, tracked as CVE-2025-10573, has a CVSS score of 9.6. EPM versions prior to 2024 SU4 SR1 are affected.

The advisory states that the vulnerability allows an unauthenticated, remote attacker to execute JavaScript of their choice within an administration session.

The flaw requires user interaction, since an administrator would have to be tricked into viewing a malicious page, but the risk of full session hijacking makes it a top priority for defenders.
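Two defensive controls bear on a stored XSS that fires inside an administrative session: encoding untrusted data for the output context it lands in, and limiting what injected script can reach if encoding is ever missed. The following added example is not from the advisory or from Ivanti's code. It renders a stored device name into an admin table row once without encoding and once with context-aware encoding, uses a parser-based check to confirm that the stored value no longer contributes tags or event handlers, and builds a session cookie with the HttpOnly, Secure and SameSite flags. The device name, the cookie name EPMSESSION and the /devices path are constructed for the example.

```python
import html
from html.parser import HTMLParser
from http.cookies import SimpleCookie
from typing import List
from urllib.parse import quote

# Constructed sample: a device name submitted by an untrusted source, stored by
# the server and later shown to an administrator. Not taken from any real product.
STORED_DEVICE_NAME = '<img src=x onerror="alert(document.cookie)">'


def render_naive(name: str) -> str:
    """Vulnerable pattern: the stored value is interpolated straight into the
    admin page, so any markup it carries becomes live HTML in the admin session."""
    return (f"<tr><td>{name}</td>"
            f"<td><a href=\"/devices?name={name}\">open</a></td></tr>")


def render_escaped(name: str) -> str:
    """Hardened pattern: encode for each output context separately. html.escape
    neutralises the text context; percent-encoding keeps the URL query intact."""
    return (f"<tr><td>{html.escape(name, quote=True)}</td>"
            f"<td><a href=\"/devices?name={quote(name, safe='')}\">open</a></td></tr>")


class _TagCollector(HTMLParser):
    """Collects start tags and any on* event-handler attributes a browser would see."""

    def __init__(self) -> None:
        super().__init__()
        self.tags: List[str] = []
        self.handlers: List[str] = []

    def handle_starttag(self, tag, attrs):
        self.tags.append(tag)
        self.handlers.extend(attr for attr, _ in attrs if attr.startswith("on"))


def foreign_markup(fragment: str, allowed=("tr", "td", "a")) -> List[str]:
    """Return tags outside the template's own set, plus any event handlers.
    An empty list means the stored value contributed no active content."""
    parser = _TagCollector()
    parser.feed(fragment)
    parser.close()
    unexpected = {tag for tag in parser.tags if tag not in allowed}
    return sorted(unexpected | set(parser.handlers))


def session_cookie_header(session_id: str) -> str:
    """Build a Set-Cookie value for the hypothetical admin session cookie.
    HttpOnly keeps document.cookie from reading it, Secure restricts it to TLS,
    and SameSite=Strict stops it riding along on cross-site requests."""
    cookie = SimpleCookie()
    cookie["EPMSESSION"] = session_id
    cookie["EPMSESSION"]["httponly"] = True
    cookie["EPMSESSION"]["secure"] = True
    cookie["EPMSESSION"]["samesite"] = "Strict"
    return cookie.output(header="").strip()


if __name__ == "__main__":
    print("naive   :", foreign_markup(render_naive(STORED_DEVICE_NAME)))
    print("escaped :", foreign_markup(render_escaped(STORED_DEVICE_NAME)))
    print("cookie  :", session_cookie_header("constructed-session-id"))
```

The parser check matters more than a string search: after encoding, the text `onerror=` is still visible in the page source, but it sits inside character data rather than inside a tag, so no browser treats it as a handler. The cookie flags do not prevent the injection, they only shrink what a successful one can do, which is why they complement rather than replace the encoding.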

In addition to the critical XSS bug, Ivanti has fixed three other high-severity vulnerabilities that expose the system to remote code execution (RCE) and unauthorized file manipulation:

  • Arbitrary File Write (CVE-2025-13659): Rated CVSS 8.8, this flaw is described as “improper control of dynamically managed code resources” and allows an unauthenticated, remote attacker to write arbitrary files to the server.
  • Signature Verification Failure (CVE-2025-13662): With a CVSS score of 7.8, this vulnerability results from “improper verification of cryptographic signatures in the patch management component.” It allows remote, unauthenticated attackers to execute arbitrary code, although it requires user interaction.
  • Path Traversal (CVE-2025-13661): This issue (CVSS 7.1) allows an authenticated attacker to “write arbitrary files outside of the intended directory,” potentially compromising system integrity.
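The two file-write flaws above share one defect class: a file name the server did not fully control ends up outside the directory it meant to write into. The following added example is not Ivanti's code and is not drawn from the advisory. It contrasts the vulnerable join-and-trust pattern with a containment check that canonicalises the joined path (symlinks included) and refuses anything that resolves outside the base directory, and it goes a little beyond the advisory's wording by covering absolute names, nested `..` segments and empty names as well. The directory name patch_staging and the sample file names are constructed.

```python
import os
import tempfile
from pathlib import Path
from typing import Dict, Optional, Tuple

# Hypothetical name for the directory a server is allowed to write into; the
# sample file names below are constructed for this example.
STAGING_DIR_NAME = "patch_staging"


def naive_target(base_dir: str, user_path: str) -> str:
    """Vulnerable pattern: join a caller-supplied name onto the base directory and
    trust the result. '..' segments and absolute names take the write outside base_dir."""
    return os.path.normpath(os.path.join(base_dir, user_path))


def resolve_under(base_dir: str, user_path: str) -> Optional[Path]:
    """Hardened pattern: canonicalise the joined path (symlinks included) and accept
    it only if it is still strictly inside the canonical base directory."""
    base = Path(base_dir).resolve()
    candidate = (base / user_path).resolve()
    if candidate == base:
        return None                  # the directory itself is not a file target
    try:
        candidate.relative_to(base)  # ValueError when candidate is outside base
    except ValueError:
        return None
    return candidate


def safe_write(base_dir: str, user_path: str, data: bytes) -> Path:
    """Write data beneath base_dir, refusing any name that escapes it."""
    target = resolve_under(base_dir, user_path)
    if target is None:
        raise PermissionError(f"refusing to write outside {base_dir}: {user_path!r}")
    target.parent.mkdir(parents=True, exist_ok=True)
    target.write_bytes(data)
    return target


def is_outside(base_dir: str, path: str) -> bool:
    """True when an already-normalised path does not sit under base_dir."""
    base = os.path.abspath(base_dir)
    try:
        return os.path.commonpath([base, os.path.abspath(path)]) != base
    except ValueError:               # different drives on Windows: certainly outside
        return True


def demo() -> Dict[str, Tuple[bool, bool]]:
    """Run both patterns over constructed names.
    Returns {label: (naive_join_escapes_base, hardened_check_accepts)}."""
    base = os.path.join(tempfile.mkdtemp(), STAGING_DIR_NAME)
    os.mkdir(base)
    samples = {
        "benign": "reports/q4.txt",
        "dot-slash": "./notes/a.txt",
        "parent": "../escape.txt",
        "nested parent": "reports/../../escape.txt",
        "absolute": os.path.join(os.path.abspath(os.sep), "escape.txt"),
        "empty": "",
    }
    return {
        label: (is_outside(base, naive_target(base, p)),
                resolve_under(base, p) is not None)
        for label, p in samples.items()
    }


def safe_write_check() -> Tuple[bool, bool]:
    """Returns (benign name written inside base, traversal attempt refused)."""
    base = os.path.join(tempfile.mkdtemp(), STAGING_DIR_NAME)
    os.mkdir(base)
    written = safe_write(base, "reports/q4.txt", b"constructed sample content")
    try:
        safe_write(base, "../escape.txt", b"should never land")
        refused = False
    except PermissionError:
        refused = True
    inside = written.is_file() and Path(base).resolve() in written.parents
    return inside, refused


if __name__ == "__main__":
    for label, (escapes, accepted) in demo().items():
        print(f"{label:14s} naive join escapes base: {escapes!s:5s}  hardened accepts: {accepted}")
    print("safe_write (benign written, traversal refused):", safe_write_check())
```

The check compares canonical paths instead of searching the string for `..`, so a symlink planted inside the base directory that points elsewhere is rejected as well, and on Windows a drive-qualified name is caught because pathlib discards the base when it is joined with an absolute path.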

While Ivanti states that it is “not aware of any customers being exploited by these vulnerabilities at the time of disclosure,” it strongly recommends customers update immediately.

The editorial team of Red Hot Cyber consists of a group of individuals and anonymous sources who actively collaborate to provide early information and news on cybersecurity and computing in general.
