CVE-2025-13659

CVSS v3.1

8.8

High

Vector

AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Ivanti Endpoint Manager versions prior to 2024 SU4 SR1

Description An issue exists in Ivanti Endpoint Manager that allows a remote, unauthenticated attacker to write arbitrary files on the server. This could potentially lead to remote code execution. User interaction is required for exploitation.

Recommendations Update Ivanti Endpoint Manager to version 2024 SU4 SR1 or later.

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-913

Related Identifiers

CVE-2025-13659

Affected Products

Ivanti Endpoint Manager

CVE-2025-13659

Weakness Enumeration

Related Identifiers

Affected Products

References · 8