CVE-2025-9713
published 2025-10-13

Priority: P2 · 71 · high · 8.8 (CVSS 3.1)
Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS: 14.49% (96.2th percentile)
Path traversal in Ivanti Endpoint Manager before version 2024 SU4 allows a remote unauthenticated attacker to achieve remote code execution. User interaction is required.

Affected

2 ranges

Vendor   Product            Version range   Fixed in
ivanti   endpoint_manager   < 2024          2024
ivanti   endpoint_manager

Detection & IOCs (extracted from sources)

  • Target product is Ivanti Endpoint Manager before version 2024 SU4; detect exploitation attempts via path traversal patterns in HTTP requests targeting Ivanti EPM endpoints
  • Attack is remotely exploitable by unauthenticated attackers but requires user interaction; monitor for suspicious inbound requests to Ivanti EPM web-facing components combined with social engineering indicators
  • User interaction is required for exploitation, meaning the attack chain likely involves a victim clicking a malicious link or opening a crafted file; detections should account for this multi-step exploitation pattern
  • No specific IOCs (hashes, IPs, domains, URLs, signatures) are present in the available sources; additional threat intelligence or vendor advisory details are needed for concrete indicator-based detection