Unrated severityNVD Advisory· Published Dec 9, 2025· Updated Feb 26, 2026
CVE-2025-13661
CVE-2025-13661
Description
Path traversal in Ivanti Endpoint Manager prior to version 2024 SU4 SR1 allows a remote authenticated attacker to write arbitrary files outside of the intended directory. User interaction is required.
Affected products
2< 2024 SU4 SR1+ 1 more
- (no CPE)range: < 2024 SU4 SR1
- (no CPE)range: 2024 SU4 SR1
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.