Shodan
Vulnerabilities
Vulnerable Software
Ivanti:  >> Endpoint Manager  >> 2020.1.1  Security Vulnerabilities
CVE-2025-62391
SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database.
CVSS Score
6.5
EPSS Score
0.002
Published
2025-10-13
CVE-2025-62392
SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database.
CVSS Score
6.5
EPSS Score
0.002
Published
2025-10-13
CVE-2025-62383
SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database.
CVSS Score
6.5
EPSS Score
0.002
Published
2025-10-13
CVE-2025-62384
SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database.
CVSS Score
6.5
EPSS Score
0.002
Published
2025-10-13
CVE-2025-62385
SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database.
CVSS Score
6.5
EPSS Score
0.002
Published
2025-10-13
CVE-2025-62386
SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database.
CVSS Score
6.5
EPSS Score
0.002
Published
2025-10-13
CVE-2025-62387
SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database.
CVSS Score
6.5
EPSS Score
0.002
Published
2025-10-13
CVE-2025-11623
SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database.
CVSS Score
6.5
EPSS Score
0.002
Published
2025-10-13
CVE-2025-9713
Path traversal in Ivanti Endpoint Manager before version 2024 SU4 allows a remote unauthenticated attacker to achieve remote code execution. User interaction is required.
CVSS Score
8.8
EPSS Score
0.012
Published
2025-10-13
CVE-2025-11622
Insecure deserialization in Ivanti Endpoint Manager before version 2024 SU4 allows a local authenticated attacker to escalate their privileges.
CVSS Score
7.8
EPSS Score
0.001
Published
2025-10-13


Products
Pricing
Contact Us

Shodan ® - All rights reserved