CyberHappenings logo
Home Browse About

Track cybersecurity events as they unfold. Sourced timelines. Filter, sort, and browse. Fast, privacy‑respecting. No invasive ads, no tracking.

High-Severity Vulnerabilities Patched in Ivanti Endpoint Manager and Zoom Clients

First reported
Last updated
1 unique sources, 1 articles

Summary

Hide ▲

Ivanti and Zoom have released patches for multiple high-severity vulnerabilities in their products. Ivanti fixed three bugs in Ivanti Endpoint Manager (EMP) that could lead to remote code execution and privilege escalation. Zoom patched three high-severity and six medium-severity flaws in its mobile and desktop clients, including issues leading to privilege escalation and information disclosure. No exploitation in the wild has been reported for any of these vulnerabilities.

Timeline

  1. 12.11.2025 14:07 1 articles · 23h ago

    Ivanti and Zoom Release Patches for High-Severity Vulnerabilities

    Ivanti and Zoom have released patches for multiple high-severity vulnerabilities in their products. Ivanti fixed three bugs in Ivanti Endpoint Manager (EMP) that could lead to remote code execution and privilege escalation. Zoom patched three high-severity and six medium-severity flaws in its mobile and desktop clients. No exploitation in the wild has been reported for any of these vulnerabilities.

    Show sources
    Open in new tab

Information Snippets

  • Ivanti patched three vulnerabilities in Ivanti Endpoint Manager (EMP) that could allow remote code execution and privilege escalation.

    First reported: 12.11.2025 14:07
    1 source, 1 article
    Show sources

  • Two of the Ivanti vulnerabilities, CVE-2025-9713 and CVE-2025-11622, were disclosed in October and involve path traversal and insecure deserialization.

    First reported: 12.11.2025 14:07
    1 source, 1 article
    Show sources

  • The third Ivanti vulnerability, CVE-2025-10918, is an insecure default permissions weakness.

    First reported: 12.11.2025 14:07
    1 source, 1 article
    Show sources

  • All EMP versions before 2024 SU4 are affected by these vulnerabilities.

    First reported: 12.11.2025 14:07
    1 source, 1 article
    Show sources

  • Zoom patched three high-severity flaws (CVE-2025-62484, CVE-2025-64741, CVE-2025-64740) that could lead to privilege escalation in its mobile and desktop clients.

    First reported: 12.11.2025 14:07
    1 source, 1 article
    Show sources

  • Zoom also fixed six medium-severity issues, including five information disclosure flaws and one XSS defect in Zoom Workplace and Meeting SDK for Windows.

    First reported: 12.11.2025 14:07
    1 source, 1 article
    Show sources