Ivanti Endpoint Manager stored XSS (CVE-2025-10573)
Vulnerability
Summary
Ivanti disclosed CVE-2025-10573, a critical stored XSS in Endpoint Manager (EPM) prior to 2024 SU4 SR1 that can let a remote unauthenticated attacker execute JavaScript in an administrator session and potentially reach remote code execution. The issue matters most for internet-facing EPM instances, and Shadowserver says there are still hundreds of them exposed. Ivanti has released a fix, so affected customers should patch immediately.
Related Happenings
CISA emergency patch deadline for Ivanti EPMM
Public Sector Action
First: 08.05.2026 15:16
Last: 08.05.2026 15:16
Sources 1
About this happening:
CISA ordered **U.S. federal agencies** to patch **Ivanti EPMM** by **midnight Sunday, May 10** after adding **CVE-2026-6973** to its list of vulnerabilities exploited in attacks....
CISA KEV listing and FCEB patch order for Ivanti EPMM
Public Sector Action
First: 08.04.2026 21:15
Last: 08.04.2026 21:15
Sources 1
About this happening:
**CISA** added **CVE-2026-1340** to the **KEV Catalog** and ordered **FCEB agencies** to patch **Ivanti Endpoint Manager Mobile (EPMM)** by **Saturday midnight, April 11**, forcin...
Cloud Software Group NetScaler urgent remediation advisory
Advisory/Mitigation
First: 25.03.2026 17:52
Last: 25.03.2026 17:52
Sources 1
About this happening:
**Cloud Software Group** issued urgent remediation guidance for **NetScaler ADC** and **NetScaler Gateway**, telling affected customers to install updated versions as soon as poss...
Ivanti Endpoint Manager (EPM) authentication bypass (CVE-2026-1603)
Vulnerability
First: 10.03.2026 13:36
Last: 10.03.2026 13:36
Sources 1
About this happening:
A **high-severity** flaw in **Ivanti Endpoint Manager (EPM)** is now **actively exploited**, putting **remote unauthenticated attackers** in position to **bypass authentication**...
Ivanti Endpoint Manager unpatched RCE and privilege-escalation (deserialization) flaws
Vulnerability
First: 10.10.2025 12:45
Last: 10.10.2025 12:45
Sources 1
About this happening:
ZDI disclosed **13 unpatched flaws** in **Ivanti Endpoint Manager**, including a **local privilege-escalation bug** and **12 RCE issues** that can expose affected deployments to *...
Timeline
- 09.12.2025 19:10 · 2 articles · 5mo ago
Ivanti discloses CVE-2025-10573 in Endpoint Manager
Initial Disclosure: Ivanti disclosed CVE-2025-10573 in Endpoint Manager (EPM), describing a stored XSS flaw in versions prior to 2024 SU4 SR1 that lets a remote unauthenticated attacker execute arbitrary JavaScript in an administrator session and potentially reach remote code execution. The same disclosure also said that user interaction is required, that the risk is lower because EPM is not intended to be exposed online, that Ivanti released security updates for CVE-2025-13659 and CVE-2025-13662, and that Shadowserver tracks hundreds of Internet-facing EPM instances, including systems in the United States, Germany, and Japan.
Sources:
- Ivanti warns of critical Endpoint Manager code execution flaw — www.bleepingcomputer.com — 09.12.2025 19:10
- Fortinet, Ivanti, and SAP Issue Urgent Patches for Authentication and Code Execution Flaws — thehackernews.com — 10.12.2025 06:50