Ethical Hacking News
Ivanti has warned its customers about a newly disclosed vulnerability in its Endpoint Manager (EPM) solution, which allows an unauthenticated attacker to execute arbitrary JavaScript code remotely. This vulnerability poses a significant threat to the security of Ivanti EPM users and highlights the importance of staying up-to-date with the latest security patches and vulnerability disclosures.
Ivanti has issued a warning about a newly disclosed vulnerability in its Endpoint Manager (EPM) solution, CVE-2025-10573.The vulnerability allows an unauthenticated attacker to execute arbitrary JavaScript code remotely, posing a significant threat to Ivanti EPM users.The vulnerability is a Stored Cross-Site Scripting (XSS) flaw that enables an attacker to inject malicious JavaScript code into the admin dashboard of Ivanti EPM.The vulnerability requires no authentication to exploit, making it a high-risk threat to organizations that rely on Ivanti EPM.Organizations are advised to patch their systems immediately and take additional security measures to prevent unauthorized access.
Ivanti, a leading provider of remote administration and vulnerability management solutions, has issued a warning to its customers about a newly disclosed vulnerability in its Endpoint Manager (EPM) solution. The vulnerability, tracked as CVE-2025-10573 (CVSS score 9.6), allows an unauthenticated attacker to execute arbitrary JavaScript code remotely, posing a significant threat to the security of Ivanti EPM users.
The vulnerability is a Stored Cross-Site Scripting (XSS) flaw, which enables an attacker to inject malicious JavaScript code into the admin dashboard of Ivanti EPM. This can be achieved by registering fake endpoints with Ivanti EPM and injecting malicious JavaScript into the admin dashboard, which would then execute when an administrator views the poisoned interface.
The vulnerability requires no authentication to exploit, making it a high-risk threat to organizations that rely on Ivanti EPM for remote administration and vulnerability management. Rapid7 researchers have warned that an attacker can join fake managed endpoints with Ivanti EPM and inject malicious JavaScript into the admin dashboard, gaining control of the administrator's session.
Ivanti has not been aware of any attacks in the wild exploiting this vulnerability, but it is essential to note that attackers may still attempt to exploit this flaw to gain unauthorized access to the system. Organizations that use Ivanti EPM are urged to patch their systems immediately to prevent potential exploitation of this vulnerability.
The Ivanti EPM solution is widely used for remote administration and vulnerability management, making it an attractive target for attackers. The fact that no authentication is required to exploit this vulnerability makes it a high-risk threat to organizations that rely on Ivanti EPM for secure remote access and vulnerability management.
The U.S. cybersecurity agency CISA has added multiple EPM vulnerabilities (CVE-2024-13159, CVE-2024-13160, CVE-2024-13161) to its Known Exploited Vulnerabilities (KEV) catalog in March. This highlights the importance of staying up-to-date with the latest security patches and vulnerability disclosures.
In light of this new vulnerability, organizations that use Ivanti EPM are advised to take immediate action to patch their systems and protect themselves against potential exploitation. This includes applying the latest security patches, monitoring system logs for suspicious activity, and implementing additional security measures to prevent unauthorized access to the system.
Furthermore, it is essential for organizations to conduct a thorough risk assessment to identify potential vulnerabilities and implement mitigation strategies to minimize the impact of any potential attacks.
In conclusion, the newly disclosed Ivanti EPM vulnerability highlights the importance of staying vigilant against emerging threats in the cybersecurity landscape. Organizations that rely on remote administration and vulnerability management solutions must take proactive measures to patch their systems and protect themselves against potential exploitation.
Related Information:
https://www.ethicalhackingnews.com/articles/Ivanti-EPM-Vulnerability-A-Threat-to-Remote-Administration-and-Vulnerability-Management-ehn.shtml
https://securityaffairs.com/185508/hacking/ivanti-warns-customers-of-new-epm-flaw-enabling-remote-code-execution.html
https://www.bleepingcomputer.com/news/security/ivanti-warns-of-critical-endpoint-manager-code-execution-flaw/
https://nvd.nist.gov/vuln/detail/CVE-2024-13159
https://www.cvedetails.com/cve/CVE-2024-13159/
https://nvd.nist.gov/vuln/detail/CVE-2024-13160
https://www.cvedetails.com/cve/CVE-2024-13160/
https://nvd.nist.gov/vuln/detail/CVE-2024-13161
https://www.cvedetails.com/cve/CVE-2024-13161/
https://nvd.nist.gov/vuln/detail/CVE-2025-10573
https://www.cvedetails.com/cve/CVE-2025-10573/
Published: Tue Dec 9 17:07:52 2025 by llama3.2 3B Q4_K_M
