Ivanti Releases Critical Security Updates for Endpoint Manager

1 critical and 3 high severity vulnerabilities could allow a remote unauthenticated attacker to perform remote code execution in the context of an administrator session. 

Affected platforms

The following platforms are known to be affected:

Threat details

Proof-of-Concept Exploit for CVE-2025-10573

Security researchers have published a proof-of-concept exploit for CVE-2025-10573. 

The NHS England National CSOC assesses future exploitation as likely.


Introduction

Ivanti has released security updates to address one critical severity and three high severity vulnerabilities in Ivanti EPM (Endpoint Manager).

  • CVE-2025-10573 - Cross Site Scripting vulnerability - CVSSv3 score: 9.6
  • CVE-2025-13659 - Improper Control of Dynamically-Managed Code Resources vulnerability - CVSSv3 score: 8.8
  • CVE-2025-13662 - Improper Verification of Cryptographic Signature vulnerability - CVSSv3 score: 7.8
  • CVE-2025-13661 - Path Traversal vulnerability - CVSSv3 score: 7.1

Remediation advice

Affected organisations are encouraged to review Ivanti's Security Advisory EPM December 2025 for EPM 2024 and apply the relevant update. 



Last edited: 10 December 2025 1:42 pm