CVE-2025-13662
published 2025-12-09CVE-2025-13662: Improper verification of cryptographic signatures in the patch management component of Ivanti Endpoint Manager prior to version 2024 SU4 SR1 allows a remote…
PriorityP347high7.8CVSS 3.1
AVLACLPRNUIRSUCHIHAH
EPSS
0.47%
37.5th percentile
Improper verification of cryptographic signatures in the patch management component of Ivanti Endpoint Manager prior to version 2024 SU4 SR1 allows a remote unauthenticated attacker to execute arbitrary code. User Interaction is required.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ivanti | endpoint_manager | < 2024 | 2024 |
| ivanti | endpoint_manager | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-p97v-rwhv-427h: Improper verification of cryptographic signatures in the patch management component of Ivanti Endpoint Manager prior to version 2024 SU4 SR1 allows a
ghsa_unreviewed·2025-12-09
CVE-2025-13662 [HIGH] CWE-347 GHSA-p97v-rwhv-427h: Improper verification of cryptographic signatures in the patch management component of Ivanti Endpoint Manager prior to version 2024 SU4 SR1 allows a
Improper verification of cryptographic signatures in the patch management component of Ivanti Endpoint Manager prior to version 2024 SU4 SR1 allows a remote unauthenticated attacker to execute arbitrary code. User Interaction is required.
Ivanti
Ivanti Security Advisory: CVE-2025-13662
vendor_ivanti·2025-12-09·CVSS 7.8
CVE-2025-13662 [HIGH] CWE-347 Ivanti Security Advisory: CVE-2025-13662
Ivanti Security Advisory: CVE-2025-13662
Improper verification of cryptographic signatures in the patch management component of Ivanti Endpoint Manager prior to version 2024 SU4 SR1 allows a remote unauthenticated attacker to execute arbitrary code. User Interaction is required.
CVE IDs: CVE-2025-13662
CVSS Base Score: 7.8
Severity: HIGH
CWEs: CWE-347
No detection rules found.
No public exploits indexed.
Bleepingcomputer
Ivanti warns of critical Endpoint Manager code execution flaw
blogs_bleepingcomputer·2025-12-09·CVSS 9.6
[CRITICAL] Ivanti warns of critical Endpoint Manager code execution flaw
## Ivanti warns of critical Endpoint Manager code execution flaw
## Sergiu Gatlan
American IT software company Ivanti warned customers today to patch a newly disclosed vulnerability in its Endpoint Manager (EPM) solution that could allow attackers to execute code remotely.
Ivanti delivers system and IT asset management solutions to over 40,000 companies via a network of more than 7,000 organizations worldwide. The company's EPM software is an all-in-one endpoint management tool for managing client devices across popular platforms, including Windows, macOS, Linux, Chrome OS, and IoT.
Tracked as CVE-2025-10573 , this critical security flaw can be exploited by remote, unauthenticated threat actors to execute arbitrary JavaScript code through low-complexity cross-site scripting attacks tha
Wiz
CVE-2025-13659 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 8.8
CVE-2025-13659 [HIGH] CVE-2025-13659 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2025-13659 :
Ivanti Endpoint Manager vulnerability analysis and mitigation
Improper control of dynamically managed code resources in Ivanti Endpoint Manager prior to version 2024 SU4 SR1 allows a remote, unauthenticated attacker to write arbitrary files on the server, potentially leading to remote code execution. User interaction is required.
Source : NVD
## 8.8
Score
Published December 9, 2025
Severity HIGH
CNA Score 8.8
Affected Technologies
Ivanti Endpoint Manager
Ivanti Endpoint Manager Windows Agent
Has Public Exploit No
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 77.4
Exploitation Probability (EPSS) 1
Affected packages and libraries
cpe:2.3:a:ivanti:endpoint_manager
Sources
Linux Seve
Wiz
CVE-2025-10573 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 9.6
CVE-2025-10573 [CRITICAL] CVE-2025-10573 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2025-10573 :
Ivanti Endpoint Manager vulnerability analysis and mitigation
Stored XSS in Ivanti Endpoint Manager prior to version 2024 SU4 SR1 allows a remote unauthenticated attacker to execute arbitrary JavaScript in the context of an administrator session. User interaction is required.
Source : NVD
## 6.1
Score
Published December 9, 2025
Severity MEDIUM
CNA Score 9.6
Affected Technologies
Ivanti Endpoint Manager
Ivanti Endpoint Manager Windows Agent
Has Public Exploit Yes
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 12.3
Exploitation Probability (EPSS) N/A
Affected packages and libraries
cpe:2.3:a:ivanti:endpoint_manager
Sources
Linux Severity MEDIUM No Fix Added at: Dec 12, 2025
Windows
Wiz
CVE-2025-13661 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 8.8
CVE-2025-13661 [HIGH] CVE-2025-13661 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2025-13661 :
Ivanti Endpoint Manager vulnerability analysis and mitigation
Path traversal in Ivanti Endpoint Manager prior to version 2024 SU4 SR1 allows a remote authenticated attacker to write arbitrary files outside of the intended directory. User interaction is required.
Source : NVD
## 8
Score
Published December 9, 2025
Severity HIGH
CNA Score 7.1
Affected Technologies
Ivanti Endpoint Manager
Ivanti Endpoint Manager Windows Agent
Has Public Exploit No
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 83.7
Exploitation Probability (EPSS) 2
Affected packages and libraries
cpe:2.3:a:ivanti:endpoint_manager
Sources
Linux Severity HIGH No Fix Added at: Dec 12, 2025
Windows Severity HIGH No Fix A
Wiz
CVE-2026-1602 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 8.8
CVE-2026-1602 [HIGH] CVE-2026-1602 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2026-1602 :
Ivanti Endpoint Manager vulnerability analysis and mitigation
SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database.
Source : NVD
## 6.5
Score
Published February 10, 2026
Severity MEDIUM
CNA Score 6.5
Affected Technologies
Ivanti Endpoint Manager
Ivanti Endpoint Manager Windows Agent
Has Public Exploit No
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 20.8
Exploitation Probability (EPSS) 0.1
Affected packages and libraries
cpe:2.3:a:ivanti:endpoint_manager
Sources
Linux Severity MEDIUM No Fix Added at: Feb 15, 2026
Windows Severity MEDIUM No Fix Added at: Feb 15, 2026
Linux Severity MEDIUM
Wiz
CVE-2025-13662 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 8.8
CVE-2025-13662 [HIGH] CVE-2025-13662 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2025-13662 :
Ivanti Endpoint Manager vulnerability analysis and mitigation
Improper verification of cryptographic signatures in the patch management component of Ivanti Endpoint Manager prior to version 2024 SU4 SR1 allows a remote unauthenticated attacker to execute arbitrary code. User Interaction is required.
Source : NVD
## 7.8
Score
Published December 9, 2025
Severity HIGH
CNA Score 7.8
Affected Technologies
Ivanti Endpoint Manager
Ivanti Endpoint Manager Windows Agent
Has Public Exploit No
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 6.9
Exploitation Probability (EPSS) N/A
Affected packages and libraries
cpe:2.3:a:ivanti:endpoint_manager
Sources
Linux Severity HIGH No Fix Added at: Dec
Wiz
CVE-2026-1603 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 8.8
CVE-2026-1603 [HIGH] CVE-2026-1603 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2026-1603 :
Ivanti Endpoint Manager vulnerability analysis and mitigation
An authentication bypass in Ivanti Endpoint Manager before version 2024 SU5 allows a remote unauthenticated attacker to leak specific stored credential data.
Source : NVD
## 7.5
Score
Published February 10, 2026
Severity HIGH
CNA Score 8.6
Affected Technologies
Ivanti Endpoint Manager
Ivanti Endpoint Manager Windows Agent
Has Public Exploit Yes
Has CISA KEV Exploit Yes
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 98.3
Exploitation Probability (EPSS) 60.9
Affected packages and libraries
cpe:2.3:a:ivanti:endpoint_manager
Sources
Linux Severity HIGH No Fix Added at: Feb 15, 2026
Windows Severity HIGH No Fix Added at: Feb 15, 2026
Linux Severit
2025-12-09
Published