Active Exploitation of Critical Motex Lanscope Endpoint Manager Vulnerability

First reported

23.10.2025 08:37

Last updated

1 unique sources, 1 articles

Summary

Hide ▲

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical security flaw in Motex Lanscope Endpoint Manager to its Known Exploited Vulnerabilities (KEV) catalog. The vulnerability, CVE-2025-61932, allows attackers to execute arbitrary code on affected systems. It impacts on-premises versions of Lanscope Endpoint Manager, specifically the Client program and Detection Agent. The flaw has been actively exploited in the wild, and federal agencies are advised to apply patches by November 12, 2025. The vulnerability impacts versions 9.4.7.1 and earlier. It has been addressed in versions 9.3.2.7, 9.3.3.9, 9.4.0.5, 9.4.1.5, 9.4.2.6, 9.4.3.8, 9.4.4.6, 9.4.5.4, 9.4.6.3, and 9.4.7.3. The exact exploitation methods and threat actors are unknown, but an alert from the Japan Vulnerability Notes (JVN) portal indicates that an unnamed customer received malicious packets targeting this vulnerability.

Timeline

23.10.2025 08:37 1 articles · 10h ago

Critical Motex Lanscope Endpoint Manager Vulnerability Exploited in the Wild
CISA added CVE-2025-61932 to its Known Exploited Vulnerabilities catalog, confirming active exploitation. The flaw impacts on-premises versions of Lanscope Endpoint Manager, allowing arbitrary code execution. Federal agencies are advised to patch by November 12, 2025.
Show sources

Critical Lanscope Endpoint Manager Bug Exploited in Ongoing Cyberattacks, CISA Confirms — thehackernews.com — 23.10.2025 08:37
Open in new tab

Information Snippets

CVE-2025-61932 is a critical vulnerability in Motex Lanscope Endpoint Manager with a CVSS v4 score of 9.3.
First reported: 23.10.2025 08:37

1 source, 1 article
Show sources
- Critical Lanscope Endpoint Manager Bug Exploited in Ongoing Cyberattacks, CISA Confirms — thehackernews.com — 23.10.2025 08:37
The flaw affects on-premises versions of Lanscope Endpoint Manager, specifically the Client program and Detection Agent.
First reported: 23.10.2025 08:37

1 source, 1 article
Show sources
- Critical Lanscope Endpoint Manager Bug Exploited in Ongoing Cyberattacks, CISA Confirms — thehackernews.com — 23.10.2025 08:37
The vulnerability allows attackers to execute arbitrary code by sending specially crafted packets.
First reported: 23.10.2025 08:37

1 source, 1 article
Show sources
- Critical Lanscope Endpoint Manager Bug Exploited in Ongoing Cyberattacks, CISA Confirms — thehackernews.com — 23.10.2025 08:37
The affected versions are 9.4.7.1 and earlier. Patched versions include 9.3.2.7, 9.3.3.9, 9.4.0.5, 9.4.1.5, 9.4.2.6, 9.4.3.8, 9.4.4.6, 9.4.5.4, 9.4.6.3, and 9.4.7.3.
First reported: 23.10.2025 08:37

1 source, 1 article
Show sources
- Critical Lanscope Endpoint Manager Bug Exploited in Ongoing Cyberattacks, CISA Confirms — thehackernews.com — 23.10.2025 08:37
The vulnerability has been actively exploited in the wild, though the exact methods and threat actors are unknown.
First reported: 23.10.2025 08:37

1 source, 1 article
Show sources
- Critical Lanscope Endpoint Manager Bug Exploited in Ongoing Cyberattacks, CISA Confirms — thehackernews.com — 23.10.2025 08:37
Federal Civilian Executive Branch (FCEB) agencies are advised to remediate the vulnerability by November 12, 2025.
First reported: 23.10.2025 08:37

1 source, 1 article
Show sources
- Critical Lanscope Endpoint Manager Bug Exploited in Ongoing Cyberattacks, CISA Confirms — thehackernews.com — 23.10.2025 08:37

Summary

Timeline

Critical Motex Lanscope Endpoint Manager Vulnerability Exploited in the Wild

Information Snippets