Security Advisory

CVE-2025-9872

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-09-09 15:11:13

Last updated 2026-02-26 17:49:04

Assigner ivanti

State PUBLISHED

Description

Insufficient filename validation in Ivanti Endpoint Manager before 2024 SU3 SR1 and 2022 SU8 SR2 allows a remote unauthenticated attacker to achieve remote code execution. User interaction is required.

← Browse all CVEs View on cve.org ↗