Ivanti Released Security Update With The Fixes for Critical Endpoint Manager RCE Vulnerabilities

Ivanti, a prominent enterprise software provider, has issued an urgent security advisory today addressing multiple vulnerabilities in its Endpoint Manager (EPM) products.

The updates for EPM 2024 SU1 and EPM 2022 SU7 resolve six critical and medium-severity flaws that could allow attackers to gain remote access, escalate privileges, or disrupt systems. While no exploitation has been reported, Ivanti is calling on customers to apply the patches immediately.

The vulnerabilities, assigned CVE numbers ranging from CVE-2025-22458 to CVE-2025-22466, carry CVSS scores between 4.8 (Medium) and 8.2 (High). The most severe include:

• CVE-2025-22466 (8.2, High): A reflected cross-site scripting (XSS) flaw that could let an unauthenticated remote attacker seize admin privileges, requiring user interaction.
• CVE-2025-22458 (7.8, High): A DLL hijacking issue enabling an authenticated local attacker to escalate to SYSTEM-level access.
• CVE-2025-22461 (7.2, High): An SQL injection vulnerability allowing a remote authenticated admin to execute arbitrary code.

Other issues involve a denial-of-service risk (CVE-2025-22464), another XSS vulnerability (CVE-2025-22465), and improper certificate validation (CVE-2025-22459) that could expose limited traffic to interception.

No Known Exploits Available

Ivanti emphasized that it has no evidence of these vulnerabilities being exploited as of the disclosure date.

The issues were uncovered through its responsible disclosure program, with credit given to Paul Serban of Eviden’s SEC Consult Vulnerability Lab (CVE-2025-22458) and Kevin Salapatek of Trend Micro (CVE-2025-22461).

“We’re not aware of any customers being targeted prior to this announcement,” Ivanti said.

However, the company cautioned that the absence of known exploits doesn’t diminish the need for swift action.

Affected Versions and Solutions

The flaws affect Ivanti EPM 2022 SU6 and earlier, as well as EPM 2024. Ivanti has released fixes in:

• EPM 2022 SU7
• EPM 2024 SU1

Both updates are available for download via the Ivanti Licensing Portal (login required). Customers using older versions are urged to upgrade promptly to mitigate risks.

How to Protect Your Systems

Ivanti recommends the following steps:

1. Apply the Updates: Install EPM 2022 SU7 or 2024 SU1 immediately.
2. Stay Alert: No specific indicators of compromise exist yet, but monitoring for unusual activity is advised.
3. Get Support: Contact the Ivanti Success Portal for assistance if needed.

The company reiterated its dedication to security, stating, “We value the contributions of security researchers and the broader community in keeping our customers safe.” More information on its vulnerability disclosure process is available online.

With potential threats ranging from remote code execution to full system compromise, these vulnerabilities underscore the importance of timely patch management. Organizations relying on Ivanti EPM should prioritize these updates to safeguard their environments.

Find this News Interesting! Follow us on Google News, LinkedIn, & X to Get Instant Updates!

Also Read: