DLL Hijacking Vulnerability in Ivanti Endpoint Manager
CVE-2025-22458

7.8 HIGH

Key Information:

Vendor: Ivanti

CVE Published: 8 April 2025

Badges

📈 Score: 207 | 👾 Exploit Exists | 📰 News Worthy

What is CVE-2025-22458?

CVE-2025-22458 is a DLL hijacking vulnerability that affects Ivanti Endpoint Manager, a software solution designed to help organizations manage and secure their endpoints. This vulnerability, found in versions prior to 2024 SU1 and 2022 SU7, could potentially allow an authenticated attacker to escalate their privileges to system level. If exploited, this could undermine the security posture of an organization, granting attackers unauthorized access to sensitive data and critical system controls.

Technical Details

The vulnerability involves a flaw in how Ivanti Endpoint Manager handles Dynamic Link Libraries (DLLs). An attacker with authenticated access can manipulate the DLL loading process to execute malicious code with elevated privileges, thereby gaining system-level access. This risk is particularly pronounced for organizations that rely on the affected software to manage a large number of endpoints, as exploitation could lead to widespread security breaches if left unaddressed.

Potential impact of CVE-2025-22458

  1. Unauthorized System Access: The ability for attackers to escalate privileges to system level poses a significant risk, as it could allow them to manipulate critical system configurations and access restricted resources.

  2. Data Breach Risk: With system-level access, attackers could potentially exfiltrate sensitive organizational data, leading to severe data breaches that could have legal, financial, and reputational ramifications.

  3. Increased Malware Propagation: Exploiting this vulnerability may enable attackers to install additional malware or ransomware on affected systems, further compromising the organization’s security and potentially leading to additional attacks within the network.

Affected Version(s)

Endpoint Manager 2024 SU1

Endpoint Manager 2022 SU7

News Articles

Ivanti Security Update Released for Multiple Critical Endpoint Manager RCE Vulnerabilities

Ivanti, a prominent enterprise software provider, has issued an urgent security advisory today addressing multiple vulnerabilities in its Endpoint Manager (EPM) products.

CVSS V3.1

Score: 7.8
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged

Timeline

  • 👾 Exploit known to exist

  • 📰 First article discovered by GBHackers News

  • Vulnerability published

  • Vulnerability Reserved