Unpatched Ivanti Endpoint Manager Vulnerabilities Disclosed by ZDI
Summary
Trend Micro’s Zero Day Initiative (ZDI) has disclosed thirteen unpatched vulnerabilities in Ivanti Endpoint Manager. One flaw allows local privilege escalation, while the remaining 12 enable remote code execution (RCE). The vulnerabilities were reported to Ivanti in November 2024 and June 2025, respectively. Ivanti has not yet released patches for these high-severity defects, whose CVSS scores range from 7.2 to 8.8. The vulnerabilities affect various components and methods within Ivanti Endpoint Manager, including the AgentPortal service, Report_RunPatch, MP_Report_Run2, DBDR, and others. Most of the flaws require authentication to exploit, but one RCE vulnerability can be exploited with admin credentials or by convincing a user to open a malicious file. ZDI advises restricting interaction with the product as the primary mitigation strategy. Ivanti has acknowledged the issues but has not provided a public statement on the delay in patching.
Timeline
- 10.10.2025 12:45 · 1 article
ZDI Discloses 13 Unpatched Ivanti Endpoint Manager Vulnerabilities
- ZDI Drops 13 Unpatched Ivanti Endpoint Manager Vulnerabilities — www.securityweek.com — 10.10.2025 12:45
Information Snippets
- Thirteen unpatched vulnerabilities in Ivanti Endpoint Manager have been disclosed by ZDI.
  First reported: 10.10.2025 12:45 (1 source, 1 article)
- ZDI Drops 13 Unpatched Ivanti Endpoint Manager Vulnerabilities — www.securityweek.com — 10.10.2025 12:45
- One vulnerability allows local privilege escalation, affecting the AgentPortal service.
  First reported: 10.10.2025 12:45 (1 source, 1 article)
- Twelve vulnerabilities enable remote code execution (RCE), affecting multiple components and methods.
  First reported: 10.10.2025 12:45 (1 source, 1 article)
- The vulnerabilities were reported to Ivanti in November 2024 and June 2025.
  First reported: 10.10.2025 12:45 (1 source, 1 article)
- CVSS scores range from 7.2 to 8.8, indicating high-severity defects.
  First reported: 10.10.2025 12:45 (1 source, 1 article)
- Exploitation of most RCE vulnerabilities requires authentication.
  First reported: 10.10.2025 12:45 (1 source, 1 article)
- One RCE vulnerability can be exploited with admin credentials or by convincing a user to open a malicious file.
  First reported: 10.10.2025 12:45 (1 source, 1 article)
- ZDI advises restricting interaction with the product as the primary mitigation strategy.
  First reported: 10.10.2025 12:45 (1 source, 1 article)
- Ivanti has acknowledged the issues but has not provided a public statement on the delay in patching.
  First reported: 10.10.2025 12:45 (1 source, 1 article)