Ivanti released a Security Advisory for Endpoint Manager versions 2024 SU3 and 2022 SU8, detailing two high-severity flaws (CVE-2025-9712 and CVE-2025-9872).
Both issues stem from insufficient filename validation and require only minimal user interaction, potentially granting full control over affected systems.
Vulnerability Overview
The two vulnerabilities share identical characteristics and impact:
| CVE Number | Description | CVSS Score (Severity) |
| --- | --- | --- |
| CVE-2025-9712 | Insufficient filename validation in Endpoint Manager before 2024 SU3 Security Update 1 and 2022 SU8 Security Update 2 allows remote unauthenticated code execution. Requires user interaction. | 8.8 (High) |
| CVE-2025-9872 | Same as CVE-2025-9712: insufficient filename validation permitting remote unauthenticated code execution with user interaction. | 8.8 (High) |
Ivanti reports no known exploitation of these vulnerabilities in the wild at the time of disclosure. However, the high severity and ease of exploitation underline the urgency for administrators to update affected systems.
Affected Versions and Remediation
All Endpoint Manager installations running 2022 SU8 Security Update 1 or earlier, as well as 2024 SU3 and prior, are vulnerable. Ivanti has released fixes in the following versions:
| Product Name | Affected Version(s) | Resolved Version(s) | Patch Availability |
| --- | --- | --- | --- |
| Ivanti Endpoint Manager | 2022 SU8 Security Update 1 and prior | 2022 SU8 Security Update 2 | Download available in Ivanti License System (ILS) |
| Ivanti Endpoint Manager | 2024 SU3 and prior | 2024 SU3 Security Update 1 | Download available in Ivanti License System (ILS) |
Customers should log into the Ivanti License System to retrieve the necessary updates.
The 2022 branch will reach End of Life at the end of October 2025. Organizations still on this branch should not only apply the security update but also plan to migrate to a supported version to maintain ongoing security and support.
Recommended Actions
Administrators are advised to:
- Verify the Endpoint Manager version deployed in their environment.
- Immediately download and install the appropriate security update from the ILS portal.
- Review user access controls and endpoint policies to limit potential exposure.
- Schedule migration plans for the 2022 branch to align with the upcoming End of Life in October 2025.
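
For the version check in the first action, an added example (not Ivanti tooling and not code from the advisory) that triages an inventory export against the resolved versions listed above. The version label format, the hostnames, and the rule that a later service update on the same branch contains the fix are assumptions.

```python
import re

# Resolved versions from the advisory: branch -> (service update, security update).
FIXED = {2022: (8, 2), 2024: (3, 1)}
EOL_BRANCHES = {2022}  # the 2022 branch reaches End of Life at the end of October 2025

# Assumed label format: "<branch> [SU<n>] [Security Update <m>]".
LABEL = re.compile(
    r"^\s*(?P<branch>\d{4})(?:\s+SU\s*(?P<su>\d+))?"
    r"(?:\s+Security Update\s*(?P<sec>\d+))?\s*$", re.IGNORECASE)

def parse_label(label):
    """Return (branch, su, security_update), or None if the label is not understood."""
    m = LABEL.match(label)
    if not m:
        return None
    return int(m["branch"]), int(m["su"] or 0), int(m["sec"] or 0)

def triage(label):
    """Classify one version label as 'patched', 'vulnerable' or 'unknown'."""
    parsed = parse_label(label)
    if parsed is None or parsed[0] not in FIXED:
        return "unknown"  # do not guess: flag the host for manual review
    branch, su, sec = parsed
    # Assumption: a later service update on the same branch includes the fix.
    return "patched" if (su, sec) >= FIXED[branch] else "vulnerable"

def report(inventory):
    """Map host -> (status, note) for an inventory of {host: version label}."""
    out = {}
    for host, label in inventory.items():
        parsed = parse_label(label)
        eol = parsed is not None and parsed[0] in EOL_BRANCHES
        out[host] = (triage(label), "plan migration: branch EOL October 2025" if eol else "")
    return out

# Constructed sample inventory (hostnames and labels are illustrative).
SAMPLE = {
    "epm-core-01": "2024 SU3",
    "epm-core-02": "2024 SU3 Security Update 1",
    "epm-core-03": "2022 SU8 Security Update 1",
    "epm-core-04": "2022 SU8 Security Update 2",
    "epm-core-05": "build label not recorded",
}

if __name__ == "__main__":
    for host, (status, note) in report(SAMPLE).items():
        print(f"{host:12} {status:10} {note}")
```

Hosts reported as `unknown` need their version confirmed by hand before they are counted as patched.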
By proactively applying these updates and planning for branch migrations, organizations can defend against unauthorized remote code execution and uphold the integrity of their endpoint management infrastructure.