Ivanti’s New Software Flaw: When Your Endpoint Manager Wants to Manage You!

Ivanti urges users to patch a critical Endpoint Manager vulnerability, CVE-2025-10573, which lets attackers remotely execute malicious JavaScript. With Ivanti’s EPM meant to stay offline, the risk is lowered. But hey, Shadowserver found hundreds of internet-facing instances. It’s like leaving your castle gate open and hoping no one notices.

3P
Published: December 9, 2025 5:12 pmAdded: December 9, 2025 at 9:50 amAssembled by: The Editor
Pro Dashboard

Hot Take:

Ivanti’s Endpoint Manager has more holes than a slice of Swiss cheese! With its vulnerability roadshow hitting a new peak, it’s time for IT administrators to buckle up, patch up, and pray for an exploit-free day. If your job is managing endpoints, this news is your cue to start running faster than a caffeinated squirrel.

Key Points:

  • Ivanti’s Endpoint Manager (EPM) has a critical vulnerability allowing remote code execution.
  • The flaw, tracked as CVE-2025-10573, involves cross-site scripting requiring user interaction.
  • Ivanti released a patch (EPM 2024 SU4 SR1) to tackle the issue.
  • Additional high-severity vulnerabilities (CVE-2025-13659, CVE-2025-13662) were also disclosed.
  • Shadowserver tracks hundreds of Internet-facing Ivanti EPM instances, mostly in the US.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?