High severity8.8NVD Advisory· Published Sep 9, 2025· Updated Jun 17, 2026
CVE-2025-9712
CVE-2025-9712
Description
Insufficient filename validation in Ivanti Endpoint Manager before 2024 SU3 SR1 and 2022 SU8 SR2 allows a remote unauthenticated attacker to achieve remote code execution. User interaction is required.
Affected products
3- Range: <2024 SU3 SR1 and <2022 SU8 SR2
- Range: 2024 SU3 Security Release 1
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.