Path Traversal Vulnerability in Ivanti Endpoint Manager by Ivanti
CVE-2025-9713

8.8HIGH

Key Information:

Vendor: Ivanti
Status: Endpoint Manager
Vendor: CVE Published:; 13 October 2025

What is CVE-2025-9713?

A vulnerability in Ivanti Endpoint Manager allows a remote unauthenticated attacker to exploit a path traversal issue, potentially leading to remote code execution. Successful exploitation requires user interaction, highlighting the importance of vigilance in user activity and system security measures. Users and administrators are encouraged to review the security advisory from Ivanti for mitigation steps and to ensure their systems remain secure against this threat.

Affected Version(s)

Endpoint Manager 2024 SU3 SR1

Endpoint Manager 2022 SU8 SR2

References

https://forums.ivanti.com/s/article/Security-Advisory-Iva...

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 13, 2025
Vulnerability Reserved
Aug 29, 2025

JSON