Three Ivanti Vulnerabilities Added to CISA’s Catalogue of Flaws


Urgent Alert: CISA Identifies Actively Exploited Vulnerabilities in Ivanti Endpoint Manager and Advantive VeraCore

CISA Warns of Exploited Vulnerabilities in Ivanti Endpoint Manager: Urgent Patching Required

In a stark alert for businesses relying on Ivanti Endpoint Manager (EPM), the Cybersecurity and Infrastructure Security Agency (CISA) has cataloged five known vulnerabilities, three of which are particularly critical EPM flaws. Recent assessments suggest these vulnerabilities are not just theoretical risks—active exploitation is already underway.

The vulnerabilities include two SQL injection issues affecting Advantive VeraCore (CVE-2025-25181 and CVE-2024-57968) and three absolute path traversal vulnerabilities in Ivanti’s software (CVE-2024-13159, CVE-2024-13160, CVE-2024-13161). The ramifications are significant: these flaws potentially give remote, unauthenticated attackers full server access, raising alarms for companies across the federal landscape and beyond.

Heath Renfrow, CISO and Co-founder at Fenix24, emphasized the urgency of addressing these vulnerabilities, stating, “Given our recent experiences with Ivanti’s vulnerabilities, rapid patching and continuous hardening are imperative to mitigating organizational risk.”

Chris Gray, Field CTO at Deepwatch, painted a vivid metaphor for the situation, likening unpatched systems to a broken lock at home: “The dangers in not patching these flaws are very simple. Are you hoping that they’ll pick someone else?” Gray urged organizations to act immediately, suggesting that any systems susceptible to these vulnerabilities should be considered compromised.

With over 400,000 companies leveraging Ivanti’s technologies—ranging from virtual private networks to identity and access management—malicious actors see an abundance of opportunities. Experts underline that organizations must not only act swiftly to patch but also proactively search for any signs of compromise dating back to the vulnerabilities’ public disclosures.

As the cyber landscape continues to evolve, vigilance and proactive measures are more essential than ever. Companies must heed CISA’s warning and prioritize immediate actions to secure their systems.
