Unrated severityNVD Advisory· Published Oct 13, 2025· Updated Feb 10, 2026
CVE-2025-62385
CVE-2025-62385
Description
SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database.
Affected products
2<= 2024 SU4+ 1 more
- (no CPE)range: <= 2024 SU4
- (no CPE)range: 2024 SU5
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.