How severe is CVE-2025-13659?

CVE-2025-13659 has a CVSS v3 score of 8.8 (HIGH).

CVE-2025-13659

Name: endpoint_manager
Author: ivanti

8.8HIGH

Improper control of dynamically managed code resources in Ivanti Endpoint Manager prior to version 2024 SU4 SR1 allows a remote, unauthenticated attacker to write arbitrary files on the server, potent

Опубликовано: 12/9/2025Обновлено: 12/11/2025

Описание

Improper control of dynamically managed code resources in Ivanti Endpoint Manager prior to version 2024 SU4 SR1 allows a remote, unauthenticated attacker to write arbitrary files on the server, potentially leading to remote code execution. User interaction is required.

ИИ-АнализНа базе ИИ

Затронутые продукты

ivantiendpoint_manager

2024

ivantiendpoint_manager

2024

ivantiendpoint_manager

2024

ivantiendpoint_manager

2024

ivantiendpoint_manager

2024

ivantiendpoint_manager

2024

Ссылки

https://forums.ivanti.com/s/article/Security-Advisory-EPM-December-2025-for-EPM-2024
Vendor Advisory