CVE-2025-22464
published 2025-04-08CVE-2025-22464: An untrusted pointer dereference vulnerability in Ivanti Endpoint Manager before version 2024 SU1 or before version 2022 SU7 allows an attacker with local…
PriorityP427medium6.1CVSS 3.1
AVLACLPRLUINSUCNILAH
EPSS
0.25%
16.6th percentile
An untrusted pointer dereference vulnerability in Ivanti Endpoint Manager before version 2024 SU1 or before version 2022 SU7 allows an attacker with local access to write arbitrary data into memory causing a denial-of-service condition.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ivanti | endpoint_manager | < 2022 | 2022 |
| ivanti | endpoint_manager | — | — |
| ivanti | endpoint_manager | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-r5hc-g9j9-f2mf: An untrusted pointer dereference vulnerability in Ivanti Endpoint Manager before version 2024 SU1 or before version 2022 SU7 allows an attacker with l
ghsa_unreviewed·2025-04-08
CVE-2025-22464 [MEDIUM] CWE-822 GHSA-r5hc-g9j9-f2mf: An untrusted pointer dereference vulnerability in Ivanti Endpoint Manager before version 2024 SU1 or before version 2022 SU7 allows an attacker with l
An untrusted pointer dereference vulnerability in Ivanti Endpoint Manager before version 2024 SU1 or before version 2022 SU7 allows an attacker with local access to write arbitrary data into memory causing a denial-of-service condition.
Ivanti
Ivanti Security Advisory: CVE-2025-22464
vendor_ivanti·2025-04-08·CVSS 6.1
CVE-2025-22464 [MEDIUM] CWE-822 Ivanti Security Advisory: CVE-2025-22464
Ivanti Security Advisory: CVE-2025-22464
An untrusted pointer dereference vulnerability in Ivanti Endpoint Manager before version 2024 SU1 or before version 2022 SU7 allows an attacker with local access to write arbitrary data into memory causing a denial-of-service condition.
CVE IDs: CVE-2025-22464
CVSS Base Score: 6.1
Severity: MEDIUM
CWEs: CWE-822
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2025-04-08
Published