Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Ivanti — Vulnerabilities & Security Advisories 363

Browse all 363 CVE security advisories affecting Ivanti. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Ivanti provides enterprise IT service management and endpoint management solutions, primarily facilitating workflow automation and device control for large organizations. The company’s software portfolio has historically been a significant target for attackers, resulting in a substantial record of 358 Common Vulnerabilities and Exposures. These security flaws frequently involve critical classes such as remote code execution, cross-site scripting, and privilege escalation, often stemming from complex integrations within its service management platforms. A notable incident occurred in 2021 when the SambaCry vulnerability allowed unauthenticated remote code execution, compromising thousands of systems globally. This event underscored the risks associated with legacy codebases and insufficient patch management cycles. Consequently, Ivanti has faced intense scrutiny regarding its development practices and incident response capabilities, prompting industry-wide recommendations for immediate isolation and rigorous vulnerability scanning of affected endpoints to mitigate potential data breaches and operational disruptions.

Top products by Ivanti: Avalanche Endpoint Manager Connect Secure EPM Endpoint Manager Mobile Secure Access Client EPMM Workspace Control CSA (Cloud Services Appliance) ICS Cloud Services Application ITSM Wavelink DSM Sentry Desktop and Server Management Neurons for ITSM (On-Premise) MobileIron Core Ivanti Endpoint Manager Secure Access Linux Secure Access Client Windows Automation Desktop & Server Management (DSM) Connect Secure 22.7R2.9 Connect Secure before Virtual Application Delivery ControllerCWE-862 Policy Secure Neurons for ITSM (on-prem) LANDesk Management Suite Security Controls
CVE IDTitleCVSSSeverityPublished
CVE-2025-0293 Ivanti Connect Secure和Ivanti Policy Secure 注入漏洞 — Connect SecureCWE-93 6.6 Medium2025-07-08
CVE-2025-5464 Ivanti Connect Secure 日志信息泄露漏洞 — Connect SecureCWE-532 6.5 Medium2025-07-08
CVE-2025-6770 OS command injection in Ivanti Endpoint Manager — Endpoint Manager MobileCWE-78 7.2 High2025-07-08
CVE-2025-5463 Ivanti Connect Secure 日志信息泄露漏洞 — Connect SecureCWE-532 5.5 Medium2025-07-08
CVE-2025-5451 Ivanti Connect Secure 安全漏洞 — Connect SecureCWE-121 4.9 Medium2025-07-08
CVE-2025-5450 Ivanti Connect Secure和Ivanti Policy Secure 安全漏洞 — Connect SecureCWE-602 6.3 Medium2025-07-08
CVE-2025-7037 SQL injection in Ivanti Endpoint Manager — Endpoint ManagerCWE-89 7.2 High2025-07-08
CVE-2025-6996 Improper Encryption in Ivanti Endpoint Manager — Endpoint ManagerCWE-257 8.4 High2025-07-08
CVE-2025-6995 Improper Encryption in Ivanti Endpoint Manager — Endpoint ManagerCWE-257 8.4 High2025-07-08
CVE-2025-5353 Ivanti Workspace Control 安全漏洞 — Workspace ControlCWE-321 8.8 High2025-06-10
CVE-2025-22463 Ivanti Workspace Control 安全漏洞 — Workspace ControlCWE-321 7.3 High2025-06-10
CVE-2025-22455 Ivanti Workspace Control 安全漏洞 — Workspace ControlCWE-321 8.8 High2025-06-10
CVE-2025-4428 Remote Code Execution — Endpoint Manager MobileCWE-94 7.2 High2025-05-13
CVE-2025-4427 Authentication Bypass — Endpoint Manager MobileCWE-288 5.3 Medium2025-05-13
CVE-2025-22462 Ivanti Neurons for ITSM 安全漏洞 — Neurons for ITSM (on-prem)CWE-288 9.8 Critical2025-05-13
CVE-2025-22460 Ivanti Cloud Services Application 安全漏洞 — CSA (Cloud Services Appliance)CWE-1392 7.8 High2025-05-13
CVE-2025-43716 Ivanti LANDesk Management Gateway 安全漏洞 — LANDesk Management SuiteCWE-180 5.8 Medium2025-04-23
CVE-2025-22466 Ivanti Endpoint Manager 跨站脚本漏洞 — Endpoint ManagerCWE-79 8.2 High2025-04-08
CVE-2025-22465 Ivanti Endpoint Manager 跨站脚本漏洞 — Endpoint ManagerCWE-79 6.1 Medium2025-04-08
CVE-2025-22464 Ivanti Endpoint Manager 安全漏洞 — Endpoint ManagerCWE-822 6.1 Medium2025-04-08
CVE-2025-22461 Ivanti Endpoint Manager SQL注入漏洞 — Endpoint ManagerCWE-89 7.2 High2025-04-08
CVE-2025-22459 Ivanti Endpoint Manager 安全漏洞 — Endpoint ManagerCWE-296 4.8 Medium2025-04-08
CVE-2025-22458 Ivanti Endpoint Manager 代码问题漏洞 — Endpoint ManagerCWE-427 7.8 High2025-04-08
CVE-2025-22457 Ivanti Connect Secure 安全漏洞 — Connect SecureCWE-121 9.0 Critical2025-04-03
CVE-2025-22454 Ivanti Secure Access Client 安全漏洞 — Secure Access ClientCWE-732 7.8 High2025-03-11
CVE-2024-38657 Ivanti Connect Secure和Ivanti Policy Secure 安全漏洞 — Connect Secure 4.9 -2025-02-21
CVE-2024-13813 Ivanti Secure Access Client 安全漏洞 — Secure Access ClientCWE-732 7.1 High2025-02-11
CVE-2024-13843 Ivanti Connect Secure 安全漏洞 — Connect SecureCWE-312 6.0 Medium2025-02-11
CVE-2024-13842 Ivanti Connect Secure 安全漏洞 — Connect SecureCWE-321 6.0 Medium2025-02-11
CVE-2024-13830 Ivanti Connect Secure 跨站脚本漏洞 — Connect SecureCWE-79 6.1 Medium2025-02-11

This page lists every published CVE security advisory associated with Ivanti. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.