Ivanti on Tuesday announced patches for four vulnerabilities in Endpoint Manager (EPM), including a critical-severity flaw leading to remote code execution (RCE).
The security defect, tracked as CVE-2025-10573 (CVSS score of 9.6), is described as a stored cross-site scripting (XSS) issue that can be exploited without authentication.
Providing organizations with remote administration, vulnerability scanning, and management of connected systems, Ivanti EPM includes an API that consumes device scan data.
The critical EPM vulnerability allows attackers to submit device scan data containing malicious payloads that would be processed and embedded in the web dashboard, says Rapid7, which discovered and reported the bug in August.
When an administrator accesses the dashboard interface and views the device information, the payload triggers client-side JavaScript execution, allowing the attacker to gain control of the administrator’s session, the company explains.
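As an added illustration of the pattern described above (not Ivanti's code and not from Rapid7's report; the function names and the record shape are hypothetical), the following shows a constructed scan record, the rendering mistake that would embed its payload in a dashboard, and the output encoding plus ingest-side validation that keeps it inert:

```javascript
// Added illustration, not Ivanti code: how unencoded device scan data becomes
// stored XSS when rendered into a dashboard, and the two defences that stop it.
// All names and the record shape are hypothetical.

// Constructed scan record, shaped like what an unauthenticated scan client might submit.
const SAMPLE_SCAN = {
  deviceId: "dev-0042",
  hostname: "WS-FINANCE-07<script>alert(document.cookie)</script>",
  osName: "Windows 11",
};

// Encode the five characters that matter in HTML text and attribute context.
function escapeHtml(value) {
  return String(value)
    .replace(/&/g, "&amp;")
    .replace(/</g, "&lt;")
    .replace(/>/g, "&gt;")
    .replace(/"/g, "&quot;")
    .replace(/'/g, "&#39;");
}

// Vulnerable pattern: scan fields concatenated straight into dashboard markup,
// so whatever the scan client sent is interpreted as HTML by the admin's browser.
function renderDeviceRowUnsafe(device) {
  return `<tr><td>${device.deviceId}</td><td>${device.hostname}</td><td>${device.osName}</td></tr>`;
}

// Hardened pattern: every untrusted field is encoded for the context it lands in.
function renderDeviceRow(device) {
  const cell = (v) => `<td>${escapeHtml(v)}</td>`;
  return `<tr>${cell(device.deviceId)}${cell(device.hostname)}${cell(device.osName)}</tr>`;
}

// Defence in depth at the scan-ingest API: reject hostnames that contain characters
// a real hostname cannot, so a payload is never stored in the first place.
const HOSTNAME_RE = /^[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?(\.[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?)*$/;
function isValidHostname(h) {
  return typeof h === "string" && h.length <= 253 && HOSTNAME_RE.test(h);
}

// Detection helper for the test below: does rendered markup contain a live script element?
function containsScriptTag(html) {
  return /<script\b/i.test(html);
}

console.log("unsafe row has script element:", containsScriptTag(renderDeviceRowUnsafe(SAMPLE_SCAN)));
console.log("hardened row has script element:", containsScriptTag(renderDeviceRow(SAMPLE_SCAN)));
console.log("hostname accepted at ingest:", isValidHostname(SAMPLE_SCAN.hostname));
```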
The vulnerability has been fixed in Ivanti EPM 2024 SU4 SR1, a release that also resolves three high-severity bugs.
The first, CVE-2025-13659, is described as the improper control of dynamically managed code resources, which could allow remote, unauthenticated attackers to write arbitrary files on the server.
Successful exploitation of the security defect could lead to RCE, but user interaction is required, Ivanti notes in its advisory.
The second high-severity issue is CVE-2025-13661, a path traversal flaw that can be exploited remotely to write arbitrary files outside of the intended directory. Its exploitation requires authentication.
The third high-severity weakness is described as the “improper verification of cryptographic signatures in the patch management component” of EPM.
Tracked as CVE-2025-13662, it allows remote, unauthenticated attackers to achieve RCE, but requires user interaction.
Ivanti says it is not aware of any of these vulnerabilities being exploited in the wild. Users are advised to update to the latest versions of Ivanti EPM as soon as possible.