{"id":828,"date":"2025-04-23T05:51:28","date_gmt":"2025-04-23T05:51:28","guid":{"rendered":"http:\/\/localhost\/?p=828"},"modified":"2025-04-23T05:51:28","modified_gmt":"2025-04-23T05:51:28","slug":"security-advisory-april-2025-for-ivanti-epm-2024-and-epm-2022-su6","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=828","title":{"rendered":"Security Advisory April 2025 for Ivanti EPM 2024 and EPM 2022 SU6"},"content":{"rendered":"
\n

Vulnerability Details<\/h2>\n
\n

Basic Information<\/h3>\n\n\n\n\n\n\n
Title<\/th>\nSecurity Advisory April 2025 for Ivanti EPM 2024 and EPM 2022 SU6<\/td>\n<\/tr>\n
Type<\/th>\nivanti<\/td>\n<\/tr>\n
Published<\/th>\n2025-08-04T14:01:17<\/td>\n<\/tr>\n
Last Seen<\/th>\n2025-04-23T07:46:14<\/td>\n<\/tr>\n
CVSS Score<\/th>\n8.2 (HIGH)<\/td>\n<\/tr>\n<\/table><\/div>\n
\n

CVSS v3 Details<\/h3>\n\n\n\n\n\n\n\n\n\n
Attack Vector<\/th>\nNETWORK<\/td>\n<\/tr>\n
Attack Complexity<\/th>\nLOW<\/td>\n<\/tr>\n
Privileges Required<\/th>\nNONE<\/td>\n<\/tr>\n
User Interaction<\/th>\nREQUIRED<\/td>\n<\/tr>\n
Scope<\/th>\nCHANGED<\/td>\n<\/tr>\n
Confidentiality Impact<\/th>\nHIGH<\/td>\n<\/tr>\n
Integrity Impact<\/th>\nLOW<\/td>\n<\/tr>\n
Availability Impact<\/th>\nNONE<\/td>\n<\/tr>\n<\/table><\/div>\n
\n

CVE Information<\/h3>\n\n\n\n\n
CVE IDs<\/th>\nCVE-2025-22458, CVE-2025-22459, CVE-2025-22461, CVE-2025-22464, CVE-2025-22465, CVE-2025-22466<\/td>\n<\/tr>\n
CWE<\/th>\n<\/td>\n<\/tr>\n
Bulletin Family<\/th>\nsoftware<\/td>\n<\/tr>\n<\/table><\/div>\n
\n

Description<\/h3>\n
\n Security Advisory Ivanti EPM 2022 SU6 and EPM 2024 (Multiple CVEs)<\/p>\n

Summary<\/p>\n

Ivanti has released updates for Ivanti Endpoint Manager which addresses medium and high vulnerabilities.<\/p>\n

We are not aware of any customers being exploited by these vulnerabilities at the time of disclosure.<\/p>\n

Vulnerability Details<\/p>\n

CVE Number | Description | CVSS Score (Severity) | CVSS Vector | CWE
\n—|—|—|—|—
\nCVE-2025-22464 | An untrusted pointer dereference vulnerability in Ivanti Endpoint Manager before version 2024 SU1 or before version 2022 SU7 allows an attacker with local access to write arbitrary data into memory causing a denial-of-service condition. | 6.1 (Medium) | CVSS:3.0\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:N\/I:L\/A:H | CWE-822
\nCVE-2025-22465 | Reflected XSS in Ivanti Endpoint Manager before version 2024 SU1 or before version 2022 SU7 allows a remote unauthenticated attacker to execute arbitrary javascript in a victim’s browser. Unlikely user interaction is required. | 6.1 (Medium) | CVSS:3.0\/AV:N\/AC:L\/PR:N\/UI:R\/S:C\/C:L\/I:L\/A:N | CWE-79
\nCVE-2025-22466 | Reflected XSS in Ivanti Endpoint Manager before version 2024 SU1 or before version 2022 SU7 allows a remote unauthenticated attacker to obtain admin privileges. User interaction is required. | 8.2 (High) | CVSS:3.0\/AV:N\/AC:L\/PR:N\/UI:R\/S:C\/C:H\/I:L\/A:N | CWE-79
\nCVE-2025-22458 | DLL hijacking in Ivanti Endpoint Manager before version 2024 SU1 or before version 2022 SU7 allows an authenticated attacker to escalate to System. | 7.8 (High) | CVSS:3.0\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H | CWE-427
\nCVE-2025-22459 | Improper certificate validation in Ivanti Endpoint Manager before version 2024 SU1 or before version 2022 SU7 allows a remote unauthenticated attacker to intercept limited traffic between clients and servers. | 4.8 (Medium) | CVSS:3.0\/AV:N\/AC:H\/PR:N\/UI:N\/S:U\/C:L\/I:L\/A:N | CWE-296
\nCVE-2025-22461 | SQL injection in Ivanti Endpoint Manager before version 2024 SU1 or before version 2022 SU7 allows a remote authenticated attacker with admin privileges to achieve code execution. | 7.2 (High) | CVSS:3.0\/AV:N\/AC:L\/PR:H\/UI:N\/S:U\/C:H\/I:H\/A:H | CWE-89 <\/p>\n

Affected Versions<\/p>\n

Product Name | Affected Version(s) | Resolved Version(s) | Patch Availability
\n—|—|—|—
\nIvanti Endpoint Manager | 2022 SU6 and previous | 2022 SU7 | Download Available in ILS
\nIvanti Endpoint Manager | 2024 | 2024 SU1 | Download Available in ILS <\/p>\n

Solution<\/p>\n

These vulnerabilities are resolved on the latest version of the product and can be accessed in the licensing portal (Login Required): <\/p>\n

* Ivanti Endpoint Manager 2024 SU1 <\/p>\n

* Ivanti Endpoint Manager 2022 SU7<\/p>\n

Acknowledgements<\/p>\n

Ivanti would like to thank the following for reporting the relevant issues and for working with Ivanti to help protect our customers:<\/p>\n

Paul Serban (@LazyTitan33) of Eviden, SEC Consult Vulnerability Lab (CVE-2025-22458)<\/p>\n

* Kevin Salapatek of Trend Research (CVE-2025-22461)<\/p>\n

* * * <\/p>\n

**NOTE:** Ivanti is dedicated to ensuring the security and integrity of our enterprise software products. We recognize the vital role that security researchers, ethical hackers, and the broader security community play in identifying and reporting vulnerabilities. Visit HERE to learn more about our Vulnerability Disclosure Policy.<\/p>\n

## FAQ<\/p>\n

Are you aware of any active exploitation of these vulnerabilities?<\/p>\n

We are not aware of any customers being exploited by these vulnerabilities prior to public disclosure. These vulnerabilities were disclosed through our responsible disclosure program. <\/p>\n

How can I tell if I have been compromised?
\nCurrently, there is no known public exploitation of this vulnerability that could be used to provide a list of indicators of compromise.<\/p>\n

What should I do if I need help? <\/p>\n

If you have questions after reviewing this information, you can log a case and\/or request a call via the Success Portal<\/p><\/div>\n<\/p><\/div>\n

\n

Impact Assessment<\/h3>\n\n\n\n
Base Score<\/th>\n8.2<\/td>\n<\/tr>\n
Severity<\/th>\nHIGH<\/td>\n<\/tr>\n<\/table><\/div>\n
\n

View full CVE details<\/a><\/p>\n<\/p><\/div>\n<\/div>\n