Ivanti Endpoint Manager vulnerabilities
116 known vulnerabilities affecting ivanti/endpoint_manager.
Total CVEs
116
CISA KEV
5
actively exploited
Public exploits
6
Exploited in wild
5
Severity breakdown
CRITICAL10HIGH82MEDIUM24
Vulnerabilities
Page 6 of 6
CVE-2023-35077P3HIGHCVSS 7.5fixed in 7.9.1.285≥ 7.9.1.285, < 7.9.1.2852023-07-21
CVE-2023-35077 [HIGH] CWE-787 CVE-2023-35077: An out-of-bounds write vulnerability on windows operating systems causes the Ivanti AntiVirus Produc
An out-of-bounds write vulnerability on windows operating systems causes the Ivanti AntiVirus Product to crash. Update to Ivanti AV Product version 7.9.1.285 or above.
nvd
CVE-2022-35259P3HIGHCVSS 7.8≤ 2022.32022-12-05
CVE-2022-35259 [HIGH] CWE-91 CVE-2022-35259: XML Injection with Endpoint Manager 2022. 3 and below causing a download of a malicious file to run
XML Injection with Endpoint Manager 2022. 3 and below causing a download of a malicious file to run and possibly execute to gain unauthorized privileges.
nvd
CVE-2024-13164P3HIGHCVSS 7.8fixed in 2022v2022+1 more2025-01-14
CVE-2024-13164 [HIGH] CWE-908 CVE-2024-13164: An uninitialized resource in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 Ja
An uninitialized resource in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a local authenticated attacker to escalate their privileges.
nvd
CVE-2024-22058P3HIGHCVSS 7.8≤ 2021.12024-05-31
CVE-2024-22058 [HIGH] CWE-122 CVE-2024-22058: A buffer overflow allows a low privilege user on the local machine that has the EPM Agent installed
A buffer overflow allows a low privilege user on the local machine that has the EPM Agent installed to execute arbitrary code with elevated permissions in Ivanti EPM 2021.1 and older.
nvd
CVE-2023-35083P3MEDIUMCVSS 6.5fixed in 2022v20222023-10-18
CVE-2023-35083 [MEDIUM] CVE-2023-35083: Allows an authenticated attacker with network access to read arbitrary files on Endpoint Manager rec
Allows an authenticated attacker with network access to read arbitrary files on Endpoint Manager recently discovered on 2022 SU3 and all previous versions potentially leading to the leakage of sensitive information.
nvd
CVE-2020-13771P3HIGHCVSS 7.8≤ 2020.1.12020-11-12
CVE-2020-13771 [HIGH] CWE-427 CVE-2020-13771: Various components in Ivanti Endpoint Manager through 2020.1.1 rely on Windows search order when loa
Various components in Ivanti Endpoint Manager through 2020.1.1 rely on Windows search order when loading a (nonexistent) library file, allowing (under certain conditions) one to gain code execution (and elevation of privileges to the level of privilege held by the vulnerable component such as NT AUTHORITY\SYSTEM) via DLL hijacking. This affects ldiscn
nvd
CVE-2024-8320P3MEDIUMCVSS 5.3fixed in 2022v2022+1 more2024-09-10
CVE-2024-8320 [MEDIUM] CWE-306 CVE-2024-8320: Missing authentication in Network Isolation of Ivanti EPM before 2022 SU6, or the 2024 September upd
Missing authentication in Network Isolation of Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote unauthenticated attacker to spoof Network Isolation status of managed devices.
nvd
CVE-2025-10918P3HIGHCVSS 7.1fixed in 2024v20242025-11-11
CVE-2025-10918 [HIGH] CWE-276 CVE-2025-10918: Insecure default permissions in the agent of Ivanti Endpoint Manager before version 2024 SU4 allows
Insecure default permissions in the agent of Ivanti Endpoint Manager before version 2024 SU4 allows a local authenticated attacker to write arbitrary files anywhere on disk
nvd
CVE-2024-10256P4HIGHCVSS 7.1v2022v20242024-12-10
CVE-2024-10256 [HIGH] CWE-732 CVE-2024-10256: Insufficient permissions in Ivanti Patch SDK before version 9.7.703 allows a local authenticated att
Insufficient permissions in Ivanti Patch SDK before version 9.7.703 allows a local authenticated attacker to delete arbitrary files.
nvd
CVE-2020-13772P4MEDIUMCVSS 5.3≤ 2020.1.12020-11-16
CVE-2020-13772 [MEDIUM] CVE-2020-13772: In /ldclient/ldprov.cgi in Ivanti Endpoint Manager through 2020.1.1, an attacker is able to disclose
In /ldclient/ldprov.cgi in Ivanti Endpoint Manager through 2020.1.1, an attacker is able to disclose information about the server operating system, local pathnames, and environment variables with no authentication required.
nvd
CVE-2022-30121P4MEDIUMCVSS 6.7fixed in 2021.1.1v2021.1.12022-09-23
CVE-2022-30121 [MEDIUM] CWE-269 CVE-2022-30121: The “LANDesk(R) Management Agent” service exposes a socket and once connected, it is possible to lau
The “LANDesk(R) Management Agent” service exposes a socket and once connected, it is possible to launch commands only for signed executables. This is a security bug that allows a limited user to get escalated admin privileges on their system.
nvd
CVE-2025-22465P4MEDIUMCVSS 6.1fixed in 2022v2022+1 more2025-04-08
CVE-2025-22465 [MEDIUM] CWE-79 CVE-2025-22465: Reflected XSS in Ivanti Endpoint Manager before version 2024 SU1 or before version 2022 SU7 allows a
Reflected XSS in Ivanti Endpoint Manager before version 2024 SU1 or before version 2022 SU7 allows a remote unauthenticated attacker to execute arbitrary javascript in a victim's browser. Unlikely user interaction is required.
nvd
CVE-2024-8441P4MEDIUMCVSS 6.7fixed in 2022v2022+1 more2024-09-10
CVE-2024-8441 [MEDIUM] CWE-427 CVE-2024-8441: An uncontrolled search path in the agent of Ivanti EPM before 2022 SU6, or the 2024 September update
An uncontrolled search path in the agent of Ivanti EPM before 2022 SU6, or the 2024 September update allows a local authenticated attacker with admin privileges to escalate their privileges to SYSTEM.
nvd
CVE-2025-22464P4MEDIUMCVSS 6.1fixed in 2022v2022+1 more2025-04-08
CVE-2025-22464 [MEDIUM] CWE-822 CVE-2025-22464: An untrusted pointer dereference vulnerability in Ivanti Endpoint Manager before version 2024 SU1 or
An untrusted pointer dereference vulnerability in Ivanti Endpoint Manager before version 2024 SU1 or before version 2022 SU7 allows an attacker with local access to write arbitrary data into memory causing a denial-of-service condition.
nvd
CVE-2020-13773P4MEDIUMCVSS 5.4≤ 2020.1.12020-11-16
CVE-2020-13773 [MEDIUM] CWE-79 CVE-2020-13773: Ivanti Endpoint Manager through 2020.1.1 allows XSS via /LDMS/frm_splitfrm.aspx, /LDMS/licensecheck.
Ivanti Endpoint Manager through 2020.1.1 allows XSS via /LDMS/frm_splitfrm.aspx, /LDMS/licensecheck.aspx, /LDMS/frm_splitcollapse.aspx, /LDMS/alert_log.aspx, /LDMS/ServerList.aspx, /LDMS/frm_coremainfrm.aspx, /LDMS/frm_findfrm.aspx, /LDMS/frm_taskfrm.aspx, and /LDMS/query_browsecomp.aspx.
nvd
CVE-2025-22459P4MEDIUMCVSS 4.8fixed in 2022v2022+1 more2025-04-08
CVE-2025-22459 [MEDIUM] CWE-296 CVE-2025-22459: Improper certificate validation in Ivanti Endpoint Manager before version 2024 SU1 or before version
Improper certificate validation in Ivanti Endpoint Manager before version 2024 SU1 or before version 2022 SU7 allows a remote unauthenticated attacker to intercept limited traffic between clients and servers.
nvd
← Previous6 / 6