heise PlusAbo
Anzeige

Ivanti Endpoint Manager: Attackers can write data to hard drive

The device management software Ivanti Endpoint Manager is vulnerable. The developers have closed a gap in a recent version.

listen Print view
An obligatory sign reminds you to make updates.

(Image: Artur Szczybylo/Shutterstock.com)

1 min. read
Security
By

Attackers can exploit a software vulnerability in Ivanti Endpoint Manager (EPM). A security patch is available.

Protecting Systems

With EPM, administrators manage computers in companies. This makes it a lucrative target for a cyberattack. The vulnerability listed in a security advisory (CVE-2025-9713 "high") enables attackers to write files to the hard drives of victim PCs. How this could happen in detail is currently unclear. The developers assure that there are currently no indications of attacks.

Videos by heise

According to their own statements, they have closed the vulnerability in EPM 2024 SU4. In a security advisory, the developers point out that support for the EPM version branch 2022 expired in October of this year. The version is now no longer receiving security updates and therefore poses a risk. Administrators should upgrade to a still-supported version promptly.

(des)

Don't miss any news – follow us on Facebook, LinkedIn or Mastodon.

This article was originally published in German. It was translated with technical assistance and editorially reviewed before publication.

Beliebte Bestenlisten

Alle Angebote
Newsletter heise-Bot heise-Bot Push Nachrichten Push Push-Nachrichten