Ivanti Endpoint Manager (EPM) Multiple Vulnerabilities (CVE-2025-10573, CVE-2025-13659, CVE-2025-13661, & CVE-2025-13662)
Ivanti released a security advisory to address three high-severity vulnerabilities and one critical-severity vulnerability impacting EPM core and remote consoles.
Ivanti mentioned in their advisory that they are unaware of any customers being exploited by these vulnerabilities at the time of disclosure.
Ivanti Endpoint Manager (EPM) is a tool that helps IT administrators manage and secure devices and data across networks. It can manage Windows, macOS, Linux, iOS, and Android devices.
CVE-2025-10573
The vulnerability has a critical severity rating with a CVSS score of 9.6. A stored cross-site scripting (XSS) vulnerability may allow a remote unauthenticated attacker to execute arbitrary JavaScript in the context of an administrator session. User interaction is required for the successful exploitation of the vulnerability.
CVE-2025-13659
An improper control of dynamically managed code resources in Ivanti Endpoint Manager may allow a remote, unauthenticated attacker to write arbitrary files on the server, potentially leading to remote code execution. User interaction is required for the successful exploitation of the vulnerability.
CVE-2025-13661
A path traversal vulnerability in Ivanti Endpoint Manager may allow a remote authenticated attacker to write arbitrary files outside of the intended directory. User interaction is required for the successful exploitation of the vulnerability.
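The class of bug named above (a server writing files to an attacker-chosen location) is usually caused by joining untrusted input straight onto a base directory. The following Python is an added illustration of that pattern beside its hardened form; it is not Ivanti's code and the upload directory, function names and sample filenames are constructed for the example.

```python
from pathlib import Path

# Hypothetical upload location for this example (not an EPM path).
UPLOAD_ROOT = Path("/var/app/uploads")


def naive_target(filename: str) -> Path:
    """Vulnerable pattern: untrusted input joined onto the base directory.

    A value such as '../outside.txt' escapes UPLOAD_ROOT, and an absolute
    value such as '/etc/passwd' replaces the base directory entirely.
    """
    return UPLOAD_ROOT / filename


def safe_target(filename: str) -> Path:
    """Hardened form: normalise the candidate path, then require that it
    still lies inside UPLOAD_ROOT before returning it to the caller."""
    root = UPLOAD_ROOT.resolve(strict=False)
    candidate = (UPLOAD_ROOT / filename).resolve(strict=False)
    try:
        candidate.relative_to(root)  # raises ValueError when outside root
    except ValueError:
        raise PermissionError(f"refusing path outside {root}: {filename!r}")
    if candidate == root:
        raise PermissionError("refusing to write to the upload root itself")
    return candidate


def classify(filename: str) -> str:
    """Return 'allowed' or 'blocked' for a filename under the hardened check."""
    try:
        safe_target(filename)
        return "allowed"
    except PermissionError:
        return "blocked"


if __name__ == "__main__":
    # Constructed sample inputs, as a reviewer would feed them to the check.
    for name in ["reports/2025.txt", "reports/../ok.txt", "../outside.txt", "/etc/passwd"]:
        print(f"{name!r}: naive -> {naive_target(name)}, hardened -> {classify(name)}")
```

The check is lexical (`resolve(strict=False)` does not require the file to exist), so it belongs at the point where the filename is accepted, before any open or write call; an authentication requirement does not remove the need for it.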
CVE-2025-13662
An improper verification of cryptographic signatures in the patch management component of Ivanti Endpoint Manager may allow a remote unauthenticated attacker to execute arbitrary code. User interaction is required for the successful exploitation of the vulnerability.
Affected Versions
The vulnerabilities affect Ivanti Endpoint Manager versions before 2024 SU4 SR1.
Mitigation
Users must upgrade to Ivanti Endpoint Manager version 2024 SU4 SR1 to patch the vulnerabilities.
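To turn the "before 2024 SU4 SR1" statement into an inventory check, the following Python is an added example (not from the advisory or from Qualys) that parses EPM version strings of the form "YEAR SUn SRn" and flags anything older than the fixed release. It assumes that releases order by year, then service update (SU), then SR number, and that a release with no SR suffix precedes SR1 of the same SU; host names and most version strings in the inventory are constructed.

```python
import re
from typing import List, Tuple

# Fixed release named in the advisory.
FIXED_VERSION = "2024 SU4 SR1"

# Assumed version scheme: four-digit year, optional "SUn", optional "SRn".
_VERSION_RE = re.compile(
    r"^\s*(\d{4})(?:\s*SU\s*(\d+))?(?:\s*SR\s*(\d+))?\s*$", re.IGNORECASE
)


def parse_version(text: str) -> Tuple[int, int, int]:
    """Parse '2024 SU4 SR1' into (2024, 4, 1); missing SU or SR count as 0."""
    match = _VERSION_RE.match(text)
    if not match:
        raise ValueError(f"unrecognised EPM version string: {text!r}")
    year, su, sr = match.groups()
    return (int(year), int(su or 0), int(sr or 0))


def is_affected(version: str) -> bool:
    """True when the version sorts before the fixed release."""
    return parse_version(version) < parse_version(FIXED_VERSION)


def triage(inventory: List[Tuple[str, str]]) -> List[Tuple[str, str, str]]:
    """Label each (host, version) pair 'upgrade' or 'patched'; unparsable
    strings are labelled 'unknown' so they are reviewed rather than ignored."""
    rows = []
    for host, version in inventory:
        try:
            status = "upgrade" if is_affected(version) else "patched"
        except ValueError:
            status = "unknown"
        rows.append((host, version, status))
    return rows


if __name__ == "__main__":
    # Constructed inventory; only "2024 SU4 SR1" is taken from the advisory.
    sample = [
        ("epm-core-01", "2024 SU3"),
        ("epm-core-02", "2024 SU4"),
        ("epm-console-03", "2024 SU4 SR1"),
        ("epm-console-04", "n/a"),
    ]
    for row in triage(sample):
        print(row)
```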
For more information, please refer to the Ivanti Security Advisory.
Qualys Detection
Qualys customers can scan their devices with QID 386197 to detect vulnerable assets.
Please continue to follow Qualys Threat Protection for more coverage of the latest vulnerabilities.
References
https://forums.ivanti.com/s/article/Security-Advisory-EPM-December-2025-for-EPM-2024?language=en_US