Ce mail provient de l'extérieur, restons vigilants

=====================================================================

                            CERT-Renater

                Note d'Information No. 2025/VULN216

_____________________________________________________________________

DATE                : 08/04/2025

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Systems running Ivanti Endpoint Manager 
                        versions prior to 2022 SU7, 2024 SU1.

=====================================================================
https://forums.ivanti.com/s/article/Security-Advisory-EPM-April-2025-for-EPM-2024-and-EPM-2022-SU6?language=en_US
_____________________________________________________________________

Security Advisory April 2025 for Ivanti EPM 2024 and EPM 2022 SU6

Primary Product
Endpoint Manager

Created Date
8 Apr 2025 14:01:17

Last Modified Date
8 Apr 2025 14:01:17

Security Advisory Ivanti EPM 2022 SU6 and EPM 2024 (Multiple CVEs) 

 
Summary 

Ivanti has released updates for Ivanti Endpoint Manager which
addresses medium and high vulnerabilities. 

We are not aware of any customers being exploited by these
vulnerabilities at the time of disclosure. 

 
Vulnerability Details

CVE Number   Description     CVSS Score (Severity) 
CVSS Vector      CWE 

CVE-2025-22464   An untrusted pointer dereference vulnerability
in Ivanti Endpoint Manager before version 2024 SU1 or before
version 2022 SU7 allows an attacker with local access to write
arbitrary data into memory causing a denial-of-service
condition. 
6.1 (Medium)    CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H 
CWE-822 

CVE-2025-22465   Reflected XSS in Ivanti Endpoint Manager before
version 2024 SU1 or before version 2022 SU7 allows a remote
unauthenticated attacker to execute arbitrary javascript in a
victim's browser. Unlikely user interaction is required. 
6.1 (Medium)    CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 
CWE-79 

CVE-2025-22466   Reflected XSS in Ivanti Endpoint Manager before
version 2024 SU1 or before version 2022 SU7 allows a remote
unauthenticated attacker to obtain admin privileges. User
interaction is required.    8.2 (High) 
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N    CWE-79 

CVE-2025-22458    DLL hijacking in Ivanti Endpoint Manager before
version 2024 SU1 or before version 2022 SU7 allows an
authenticated attacker to escalate to System. 
7.8 (High)    CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 
CWE-427 

CVE-2025-22459    Improper certificate validation in Ivanti
Endpoint Manager before version 2024 SU1 or before version 2022
SU7 allows a remote unauthenticated attacker to intercept limited
traffic between clients and servers.     4.8 (Medium) 
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N    CWE-296 

CVE-2025-22461    SQL injection in Ivanti Endpoint Manager before
version 2024 SU1 or before version 2022 SU7 allows a remote
authenticated attacker with admin privileges to achieve code
execution.   7.2 (High)
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H    CWE-89 


Affected Versions 

Product Name     Affected Version(s)   Resolved Version(s) 
Patch Availability 

Ivanti Endpoint Manager  2022 SU6 and previous   2022 SU7 
Download Available in ILS

Ivanti Endpoint Manager   2024   2024 SU1   
Download Available in ILS 

 

Solution 

These vulnerabilities are resolved on the latest version of
the product and can be accessed in the licensing portal
(Login Required):  

    Ivanti Endpoint Manager 2024 SU1  

    Ivanti Endpoint Manager 2022 SU7 

 
Acknowledgements 

Ivanti would like to thank the following for reporting the
relevant issues and for working with Ivanti to help protect
our customers: 

Paul Serban (@LazyTitan33) of Eviden, SEC Consult Vulnerability
Lab (CVE-2025-22458) 

    Kevin Salapatek of Trend Micro (CVE-2025-22461) 

 
NOTE: Ivanti is dedicated to ensuring the security and integrity
of our enterprise software products. We recognize the vital role
that security researchers, ethical hackers, and the broader
security community play in identifying and reporting
vulnerabilities. Visit HERE to learn more about our Vulnerability
Disclosure Policy. 

 
FAQ 

Are you aware of any active exploitation of these vulnerabilities? 

We are not aware of any customers being exploited by these
vulnerabilities prior to public disclosure. These vulnerabilities
were disclosed through our responsible disclosure program.   

 

How can I tell if I have been compromised? 
Currently, there is no known public exploitation of this
vulnerability that could be used to provide a list of indicators
of compromise. 

 

What should I do if I need help?  

If you have questions after reviewing this information, you can
log a case and/or request a call via the Success Portal 
 
Article Number :
000098851

Article Promotion Level
Normal
=========================================================
+ CERT-RENATER        |    tel : 01-53-94-20-44         +
+ 23/25 Rue Daviel    |    fax : 01-53-94-20-41         +
+ 75013 Paris         |   email:cert@support.renater.fr +
=========================================================