Primary

Context

Ivanti Endpoint Manager Improper Signature Verification Vulnerability Allowing Remote Code Execution

Vulnerability

A vulnerability in Ivanti Endpoint Manager (EPM) has been identified, specifically in versions prior to the January 2025 Security Update for both EPM 2024 and EPM 2022 SU6. This vulnerability arises from improper signature verification, which allows a remote, unauthenticated attacker to execute code. However, exploitation requires local user interaction.

Impact

Exploitation of this vulnerability leads to unauthorized remote code execution on the affected system.

Remediation

Users can apply the Security Hot Patch available for their version of Ivanti Endpoint Manager. For EPM 2024, the patch can be downloaded from the Ivanti License System (ILS) and applied to the core server and remote consoles. For EPM 2022 SU6, the same process applies. After applying the patch, the Core Server should be rebooted.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

4.5

impact

7.5

exploitability

4.9

remediation

7.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

4.5

impact

7.5

exploitability

4.9

remediation

7.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Ivanti Endpoint Manager Improper Signature Verification Vulnerability Allowing Remote Code Execution

Vulnerability

Impact

Remediation

Affected Products

Ivanti Endpoint Manager

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating