[CIVN-2025-0276] Multiple vulnerabilities in Ivanti Products
Multiple vulnerabilities in Ivanti Products
Indian – Computer Emergency Response Team (https://www.cert-in.org.in)
Severity Rating: HIGH
Software Affected
Ivanti Endpoint Manager (EPM) – 2024 SU3 SR1 and prior
Ivanti Endpoint Manager (EPM) – 2022 SU8 SR2 and prior
Ivanti Endpoint Manager Mobile (EPMM) – versions before 12.6.0.2, 12.5.0.4, and 12.4.0.4
Ivanti Neurons for MDM – before R118 and R119
Overview
Multiple vulnerabilities have been reported in Ivanti products, which could allow an attacker to escalate privileges, execute arbitrary code, or bypass authentication on a targeted system.
Target Audience:
All end-user organisations and individuals using affected Ivanti Products.
Risk Assessment:
High risk of unauthorised access, privilege escalation, and potential compromise of sensitive data or system integrity.
Impact Assessment:
Potential for data theft, unauthorised access, and system compromise.
Description
Ivanti is a software vendor that develops enterprise solutions for IT service management (ITSM), IT asset management (ITAM), unified endpoint management (UEM), and security configuration management. Its products are used by organisations to manage, secure, and maintain endpoints across desktops, mobile devices, cloud workloads, and edge environments.
Multiple vulnerabilities have been reported in Ivanti products, including Ivanti Endpoint Manager (EPM), Ivanti Endpoint Manager Mobile (EPMM), and Ivanti Neurons for MDM. The issues arise from insecure deserialization, path traversal, and SQL injection in EPM; OS command injection and path traversal in EPMM; and missing authorisation, multi-factor authentication (MFA) bypass, and missing authentication in Neurons for MDM.
Successful exploitation of these vulnerabilities could allow an attacker to escalate privileges, execute arbitrary code, or gain unauthorised access to sensitive information on the targeted system.
Solution
Apply appropriate updates as mentioned by the vendor:
https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Endpoint-Manager-EPM-October-2025?language=en_US
https://forums.ivanti.com/s/article/Security-Advisory-Endpoint-Manager-Mobile-EPMM-10-2025-Multiple-CVEs?language=en_US
https://forums.ivanti.com/s/article/October-2025-Security-Advisory-Ivanti-Neurons-for-MDM?language=en_US
Vendor Information
Ivanti
https://www.ivanti.com
CVE Name
CVE-2025-11622
CVE-2025-9713
CVE-2025-11623
CVE-2025-62392
CVE-2025-62390
CVE-2025-62389
CVE-2025-62388
CVE-2025-62387
CVE-2025-62385
CVE-2025-62391
CVE-2025-62383
CVE-2025-62386
CVE-2025-62384
CVE-2025-10242
CVE-2025-10243
CVE-2025-10985
CVE-2025-10986
Thanks and Regards,
CERT-In
Incident Response Help Desk
e-mail: incident@cert-in.org.in
Phone: +91-11-22902657
Toll Free Number: 1800-11-4949
Toll Free Fax: 1800-11-6969
Web: http://www.cert-in.org.in
PGP Fingerprint: A768 083E 4475 5725 B81A A379 2156 C0C0 B620 D0B4
PGP Key information:
https://www.cert-in.org.in/s2cMainServlet?pageid=CONTACTUS
Postal address:
Indian Computer Emergency Response Team (CERT-In)
Ministry of Electronics and Information Technology
Government of India
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003