CNNVD-202510-1655 Information

CNNVD ID

CNNVD-202510-1655

Related CVE

CVE-2025-11622

• CNNVD Published: 2025-10-13

Description (Chinese)

Ivanti Endpoint Manager（EPM）是美国Ivanti公司的一套端点安全管理器。 Ivanti Endpoint Manager（EPM）存在代码问题漏洞，该漏洞源于不安全的反序列化，可能导致本地认证攻击者权限提升。

Description (English)

Ivanti Endpoint Manager (EPM) is an end-point security manager for Ivanti USA. Ivanti Endpoint Manager (EPM) has a code gap, which stems from unsafe back-sequencing, which may lead to an increase in local authority to certify attackers.

Hazard Level

Medium

Vulnerability Type

代码问题

Affected Vendor

Ivanti

Published

2025-10-13

Last Modified

2026-02-24

References

https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Endpoint-Manager-EPM-October-2025 https://access.redhat.com/security/cve/cve-2025-11622

Patch

https://www.ivanti.com/products/endpoint-manager