Path Traversal Vulnerability in Ivanti Endpoint Manager
CVE-2025-13661
7.1HIGH
What is CVE-2025-13661?
A path traversal vulnerability exists in Ivanti Endpoint Manager before version 2024 SU4 SR1, allowing a remote authenticated attacker to manipulate file paths. This flaw enables the attacker to write arbitrary files outside the intended directory, potentially compromising the system's integrity. User interaction is necessary for exploitation, making it crucial for administrators to apply the recommended updates to safeguard against such attacks.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
Affected Version(s)
Endpoint Manager 2024 SU4 SR1
References
CVSS V3.1
Score:
7.1
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved