CVE-2025-9713
Published 2025-10-13
Priority P271 · high · 8.8 (CVSS 3.1)
Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS: 14.49% (96.2th percentile)
Path traversal in Ivanti Endpoint Manager before version 2024 SU4 allows a remote unauthenticated attacker to achieve remote code execution. User interaction is required.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ivanti | endpoint_manager | < 2024 | 2024 |
| ivanti | endpoint_manager | — | — |
Detection & IOCs (extracted from sources)
- Target product is Ivanti Endpoint Manager before version 2024 SU4; detect exploitation attempts via path traversal patterns in HTTP requests targeting Ivanti EPM endpoints.
- Attack is remotely exploitable by unauthenticated attackers but requires user interaction; monitor for suspicious inbound requests to Ivanti EPM web-facing components combined with social engineering indicators.
- User interaction is required for exploitation, meaning the attack chain likely involves a victim clicking a malicious link or opening a crafted file; detections should account for this multi-step exploitation pattern.
- No specific IOCs (hashes, IPs, domains, URLs, signatures) are present in the available sources; additional threat intelligence or vendor advisory details are needed for concrete indicator-based detection.
GHSA
GHSA-4vv9-j5h4-6c9w: Path traversal in Ivanti Endpoint Manager allows a remote unauthenticated attacker to achieve remote code execution
ghsa_unreviewed·2025-10-13
CVE-2025-9713 [HIGH] CWE-22 GHSA-4vv9-j5h4-6c9w: Path traversal in Ivanti Endpoint Manager allows a remote unauthenticated attacker to achieve remote code execution
Path traversal in Ivanti Endpoint Manager allows a remote unauthenticated attacker to achieve remote code execution. User interaction is required.
Ivanti
Ivanti Security Advisory: CVE-2025-9713
vendor_ivanti·2025-10-13·CVSS 8.8
CVE-2025-9713 [HIGH] CWE-22 Ivanti Security Advisory: CVE-2025-9713
Path traversal in Ivanti Endpoint Manager before version 2024 SU4 allows a remote unauthenticated attacker to achieve remote code execution. User interaction is required.
CVE IDs: CVE-2025-9713
CVSS Base Score: 8.8
Severity: HIGH
CWEs: CWE-22
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
Published: 2025-10-13