Ivanti Security Updates – RCE Vulnerabilities Allow Attackers to Exploit Ivanti Products for Remote Access

Ivanti, a leading provider of enterprise software solutions, has released critical security updates for its Endpoint Manager (EPM) products, addressing multiple vulnerabilities that could allow attackers to gain unauthorized access, escalate privileges, or disrupt systems.
The updates, released today, April 8, 2025, target Ivanti EPM 2024 and EPM 2022 SU6, with patches available in versions 2024 SU1 and 2022 SU7, respectively.
These updates resolve a range of medium and high-severity vulnerabilities, including several that could enable remote exploitation.
Vulnerability Overview
The security advisory details six Common Vulnerabilities and Exposures (CVEs), with severity scores ranging from 4.8 (Medium) to 8.2 (High) on the CVSS scale. Among the most concerning are:
- CVE-2025-22466 (CVSS 8.2, High): A reflected cross-site scripting (XSS) vulnerability that allows a remote, unauthenticated attacker to gain admin privileges through user interaction. This flaw could potentially grant attackers significant control over affected systems.
- CVE-2025-22458 (CVSS 7.8, High): A DLL hijacking vulnerability that enables an authenticated attacker with local access to escalate privileges to SYSTEM level, posing a severe risk to system integrity.
- CVE-2025-22461 (CVSS 7.2, High): An SQL injection vulnerability that permits a remote, authenticated attacker with admin privileges to execute arbitrary code, potentially leading to full system compromise.
Other vulnerabilities include an untrusted pointer dereference (CVE-2025-22464), additional reflected XSS issues (CVE-2025-22465), and improper certificate validation (CVE-2025-22459), which could allow attackers to intercept limited client-server traffic.
The vulnerabilities impact Ivanti Endpoint Manager 2022 SU6 and earlier, as well as EPM 2024. Ivanti has resolved these issues in the latest releases:
- EPM 2022 SU7
- EPM 2024 SU1
Patches are available for download through the Ivanti Licensing Portal (ILS), and the company urges customers to update immediately to mitigate risks.
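To act on the affected and fixed releases listed above, the following added example (not part of the article and not Ivanti tooling) triages an inventory of EPM release labels. It assumes the inventory records releases in the advisory's "year SUn" notation; the hostnames and sample labels are constructed.

```python
import re

# Fixed releases named in the advisory text above: branch year -> first fixed SU.
FIXED_SU = {2022: 7, 2024: 1}

# Assumed label form: optional "EPM", a four-digit year, optional "SU<n>".
LABEL_RE = re.compile(r"^\s*(?:EPM\s+)?(\d{4})(?:\s+SU\s*(\d+))?\s*$", re.IGNORECASE)

def parse_release(label):
    """Return (year, su) for labels like 'EPM 2022 SU6' or '2024'; None if unparseable."""
    m = LABEL_RE.match(label)
    if not m:
        return None
    return int(m.group(1)), int(m.group(2) or 0)  # no SU suffix = base release

def triage(label):
    """Classify a release label as 'patched', 'vulnerable' or 'review'."""
    parsed = parse_release(label)
    if parsed is None:
        return "review"            # unknown format: check by hand
    year, su = parsed
    if year in FIXED_SU:
        return "patched" if su >= FIXED_SU[year] else "vulnerable"
    if year < min(FIXED_SU):
        return "vulnerable"        # "2022 SU6 and earlier" covers older branches
    return "review"                # branch the advisory does not mention

def triage_inventory(rows):
    """rows: iterable of (hostname, label). Returns {status: [hostnames]}."""
    out = {"patched": [], "vulnerable": [], "review": []}
    for host, label in rows:
        out[triage(label)].append(host)
    return out

# Constructed sample inventory (hostnames and labels are made up for illustration).
SAMPLE = [
    ("core-01", "EPM 2022 SU6"),
    ("core-02", "EPM 2022 SU7"),
    ("core-03", "2024"),
    ("core-04", "EPM 2024 SU1"),
    ("core-05", "EPM 2021.1 SU3"),
    ("core-06", "epm 2020 su2"),
]

if __name__ == "__main__":
    for status, hosts in triage_inventory(SAMPLE).items():
        print(f"{status:10s} {', '.join(hosts) or '-'}")
```

Labels that do not match the assumed notation, or that name a branch the advisory does not mention, land in "review" rather than being silently counted as patched.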
No Known Exploits—Yet
Ivanti has stated that it is not aware of any active exploitation of these vulnerabilities as of the disclosure date. The issues were identified through the company’s responsible disclosure program, with credit given to security researchers Paul Serban of Eviden’s SEC Consult Vulnerability Lab (CVE-2025-22458) and Kevin Salapatek of Trend Micro (CVE-2025-22461) for their contributions.
“Currently, there is no known public exploitation of these vulnerabilities that could be used to provide a list of indicators of compromise,” Ivanti noted. However, the potential severity of these flaws underscores the urgency of applying the updates.
The vulnerabilities pose a range of risks, from denial-of-service attacks to full system takeovers, depending on the attacker’s access level and exploit method. While some require user interaction or local access, others, such as the high-severity XSS and SQL injection flaws, could be leveraged remotely, making them particularly dangerous in unpatched environments.
Ivanti advises customers to:
- Update to EPM 2022 SU7 or EPM 2024 SU1 immediately.
- Monitor systems for unusual activity, despite the lack of known exploits.
- Contact the Ivanti Success Portal for support if needed.
In its advisory, Ivanti emphasized its dedication to product security and collaboration with the broader security community. “We recognize the vital role that security researchers, ethical hackers, and the broader security community play in identifying and reporting vulnerabilities,” the company stated, directing users to its Vulnerability Disclosure Policy for more details.
With cyber threats evolving daily, this advisory serves as a critical reminder for organizations relying on Ivanti Endpoint Manager to prioritize patch management. While no exploitation has been reported, the potential for remote access and privilege escalation makes these updates non-negotiable for maintaining a secure enterprise environment.
For more information or to download the patches, visit the Ivanti Licensing Portal. Stay tuned for updates as the security community continues to monitor these vulnerabilities.