CNNVD-202507-1020 Information
CNNVD ID
CNNVD-202507-1020
Related CVE
- CNNVD Published: 2025-07-08
Description (Chinese)
Ivanti Endpoint Manager Mobile(Ivanti EPMM)是美国Ivanti公司的一个移动管理软件引擎。 Ivanti Endpoint Manager Mobile 12.5.0.2之前版本存在操作系统命令注入漏洞,该漏洞源于容易受到OS命令注入攻击,可能导致远程代码执行。
Description (English)
Ivanti Endpoint Manager Mobile (Ivanti EPM) is a mobile management software engine for Ivanti in the United States. The previous version of Ivanti Endpoint Manager Mobile 12.5.0.2 had a loophole in the OS command, which arose from its vulnerability to OS injections and could lead to remote code enforcement.
Hazard Level
Medium
Vulnerability Type
操作系统命令注入
Affected Vendor
iWT
Published
2025-07-08
Last Modified
2026-02-24
References
https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Endpoint-Manager-Mobile-EPMM-CVE-2025-6770-CVE-2025-6771?language=en_US https://access.redhat.com/security/cve/cve-2025-6770 https://vigilance.fr/vulnerability/Ivanti-Endpoint-Manager-Mobile-two-vulnerabilities-dated-08-07-2025-47661