Ivanti Endpoint Manager — known CVE vulnerabilities
Every CVE whose affected-product data names Ivanti Endpoint Manager, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (116)
CVE-2020-13774 — CVSS 9.9 (critical): An unrestricted file-upload issue in EditLaunchPadDialog.aspx in Ivanti Endpoint Manager 2019.1 and 2020.1 allows an authenticated attacker…
CVE-2024-50330 — CVSS 9.8 (critical): SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote…
CVE-2024-29847 — CVSS 9.8 (critical): Deserialization of untrusted data in the agent portal of Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote…
CVE-2023-28324 — CVSS 9.8 (critical): A improper input validation vulnerability exists in Ivanti Endpoint Manager 2022 and below that could allow privilege escalation or remote…
CVE-2023-28323 — CVSS 9.8 (critical): A deserialization of untrusted data exists in EPM 2022 Su3 and all prior versions that allows an unauthenticated user to elevate rights…
CVE-2022-27773 — CVSS 9.8 (critical): A privilege escalation vulnerability is identified in Ivanti EPM (LANDesk Management Suite) that allows a user to execute commands with…
CVE-2024-10811 — CVSS 9.8 (critical): Absolute path traversal in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a…
CVE-2019-10651 — CVSS 9.8 (critical): An issue was discovered in the Core Server in Ivanti Endpoint Manager (EPM) 2017.3 before SU7 and 2018.x before 2018.3 SU3, with remote…
CVE-2023-35084 — CVSS 9.8 (critical): Unsafe Deserialization of User Input could lead to Execution of Unauthorized Operations in Ivanti Endpoint Manager 2022 su3 and all…
CVE-2025-10573 — CVSS 9.6 (critical): Stored XSS in Ivanti Endpoint Manager prior to version 2024 SU4 SR1 allows a remote unauthenticated attacker to execute arbitrary…
CVE-2025-9713 — CVSS 8.8 (high): Path traversal in Ivanti Endpoint Manager before version 2024 SU4 allows a remote unauthenticated attacker to achieve remote code…
CVE-2023-39336 — CVSS 8.8 (high): An unspecified SQL Injection vulnerability in Ivanti Endpoint Manager released prior to 2022 SU 5 allows an attacker with access to the…
CVE-2025-9712 — CVSS 8.8 (high): Insufficient filename validation in Ivanti Endpoint Manager before 2024 SU3 SR1 and 2022 SU8 SR2 allows a remote unauthenticated attacker…
CVE-2017-11463 — CVSS 8.8 (high): In Ivanti Service Desk (formerly LANDESK Management Suite) versions between 2016.3 and 2017.3, an Unrestricted Direct Object Reference…
CVE-2024-50329 — CVSS 8.8 (high): Path traversal in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote…
CVE-2025-13659 — CVSS 8.8 (high): Improper control of dynamically managed code resources in Ivanti Endpoint Manager prior to version 2024 SU4 SR1 allows a remote…
CVE-2020-13769 — CVSS 8.8 (high): LDMS/alert_log.aspx in Ivanti Endpoint Manager through 2020.1 allows SQL Injection via a /remotecontrolauth/api/device request.
CVE-2024-29822 — CVSS 8.8 (high): An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the…
CVE-2024-29823 — CVSS 8.8 (high): An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the…
CVE-2024-29825 — CVSS 8.8 (high): An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the…
CVE-2024-29826 — CVSS 8.8 (high): An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the…
CVE-2024-29827 — CVSS 8.8 (high): An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the…
CVE-2026-8111 — CVSS 8.8 (high): SQL injection in the web console of Ivanti Endpoint Manager before version 2024 SU6 allows a remote authenticated attacker to achieve…
CVE-2025-9872 — CVSS 8.8 (high): Insufficient filename validation in Ivanti Endpoint Manager before 2024 SU3 SR1 and 2022 SU8 SR2 allows a remote unauthenticated attacker…
CVE-2025-6995 — CVSS 8.4 (high): Improper use of encryption in the agent of Ivanti Endpoint Manager before version 2024 SU3 and 2022 SU8 Security Update 1 allows a local…
CVE-2025-6996 — CVSS 8.4 (high): Improper use of encryption in the agent of Ivanti Endpoint Manager before version 2024 SU3 and 2022 SU8 Security Update 1 allows a local…
CVE-2024-37397 — CVSS 8.2 (high): An External XML Entity (XXE) vulnerability in the provisioning web service of Ivanti EPM before 2022 SU6, or the 2024 September update…
CVE-2025-22466 — CVSS 8.2 (high): Reflected XSS in Ivanti Endpoint Manager before version 2024 SU1 or before version 2022 SU7 allows a remote unauthenticated attacker to…
CVE-2024-29828 — CVSS 8.0 (high): An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an authenticated attacker within the same…
CVE-2024-37381 — CVSS 8.0 (high): An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2024 flat allows an authenticated attacker within the same network…
CVE-2024-29830 — CVSS 8.0 (high): An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an authenticated attacker within the same…
CVE-2024-29829 — CVSS 8.0 (high): An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an authenticated attacker within the same…
CVE-2024-29846 — CVSS 8.0 (high): An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an authenticated attacker within the same…
CVE-2024-13164 — CVSS 7.8 (high): An uninitialized resource in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a…
CVE-2024-13169 — CVSS 7.8 (high): An out-of-bounds read in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a local…
CVE-2024-13171 — CVSS 7.8 (high): Insufficient filename validation in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update…
CVE-2024-13172 — CVSS 7.8 (high): Improper signature verification in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows…
CVE-2024-22058 — CVSS 7.8 (high): A buffer overflow allows a low privilege user on the local machine that has the EPM Agent installed to execute arbitrary code with elevated…
CVE-2022-35259 — CVSS 7.8 (high): XML Injection with Endpoint Manager 2022. 3 and below causing a download of a malicious file to run and possibly execute to gain…
CVE-2026-8110 — CVSS 7.8 (high): Incorrect permissions assignment in the agent of Ivanti Endpoint Manager before version 2024 SU6 allows a local authenticated attacker to…
CVE-2025-22458 — CVSS 7.8 (high): DLL hijacking in Ivanti Endpoint Manager before version 2024 SU1 or before version 2022 SU7 allows an authenticated attacker to escalate to…
CVE-2025-13662 — CVSS 7.8 (high): Improper verification of cryptographic signatures in the patch management component of Ivanti Endpoint Manager prior to version 2024 SU4…
CVE-2025-11622 — CVSS 7.8 (high): Insecure deserialization in Ivanti Endpoint Manager before version 2024 SU4 allows a local authenticated attacker to escalate their…
CVE-2024-50323 — CVSS 7.8 (high): SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a local…
CVE-2024-50322 — CVSS 7.8 (high): Path traversal in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a local…
CVE-2024-13163 — CVSS 7.8 (high): Deserialization of untrusted data in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update…
CVE-2024-8191 — CVSS 7.8 (high): SQL injection in the management console of Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote unauthenticated…
CVE-2020-13770 — CVSS 7.8 (high): Several services are accessing named pipes in Ivanti Endpoint Manager through 2020.1.1 with default or overly permissive security…
CVE-2020-13771 — CVSS 7.8 (high): Various components in Ivanti Endpoint Manager through 2020.1.1 rely on Windows search order when loading a (nonexistent) library file…
CVE-2024-34787 — CVSS 7.8 (high): Path traversal in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a local…
CVE-2023-38343 — CVSS 7.5 (high): An XXE (XML external entity injection) vulnerability exists in the CSEP component of Ivanti Endpoint Manager before 2022 SU4. External…
CVE-2023-35077 — CVSS 7.5 (high): An out-of-bounds write vulnerability on windows operating systems causes the Ivanti AntiVirus Product to crash. Update to Ivanti AV Product…
CVE-2024-13170 — CVSS 7.5 (high): An out-of-bounds write in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote…
CVE-2024-13165 — CVSS 7.5 (high): An out-of-bounds write in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote…
CVE-2024-13168 — CVSS 7.5 (high): An out-of-bounds write in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote…
CVE-2024-13166 — CVSS 7.5 (high): An out-of-bounds write in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote…
CVE-2024-13167 — CVSS 7.5 (high): An out-of-bounds write in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote…
CVE-2024-50326 — CVSS 7.2 (high): SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote…
CVE-2024-13158 — CVSS 7.2 (high): An unbounded resource search path in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update…
CVE-2024-13162 — CVSS 7.2 (high): SQL injection in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote…
CVE-2024-32839 — CVSS 7.2 (high): SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote…
CVE-2024-32840 — CVSS 7.2 (high): An unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker with admin…
CVE-2024-32841 — CVSS 7.2 (high): SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote…
CVE-2024-32842 — CVSS 7.2 (high): An unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker with admin…
CVE-2024-32843 — CVSS 7.2 (high): An unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker with admin…
CVE-2024-32844 — CVSS 7.2 (high): SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote…
CVE-2024-32845 — CVSS 7.2 (high): An unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker with admin…
CVE-2024-32846 — CVSS 7.2 (high): An unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker with admin…
CVE-2024-32847 — CVSS 7.2 (high): SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote…
CVE-2024-32848 — CVSS 7.2 (high): An unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker with admin…
CVE-2024-34779 — CVSS 7.2 (high): An unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker with admin…
CVE-2024-34780 — CVSS 7.2 (high): SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote…
CVE-2024-34781 — CVSS 7.2 (high): SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote…
CVE-2024-34782 — CVSS 7.2 (high): SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote…
CVE-2024-34783 — CVSS 7.2 (high): An unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker with admin…
CVE-2024-34784 — CVSS 7.2 (high): SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote…
CVE-2024-34785 — CVSS 7.2 (high): An unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker with admin…
CVE-2024-37376 — CVSS 7.2 (high): SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote…
CVE-2024-50324 — CVSS 7.2 (high): Path traversal in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote…
CVE-2024-50327 — CVSS 7.2 (high): SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote…
CVE-2024-50328 — CVSS 7.2 (high): SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote…
CVE-2025-22461 — CVSS 7.2 (high): SQL injection in Ivanti Endpoint Manager before version 2024 SU1 or before version 2022 SU7 allows a remote authenticated attacker with…
CVE-2025-7037 — CVSS 7.2 (high): SQL injection in Ivanti Endpoint Manager before version 2024 SU3 and 2022 SU8 Security Update 1 allows a remote authenticated attacker with…
CVE-2025-10918 — CVSS 7.1 (high): Insecure default permissions in the agent of Ivanti Endpoint Manager before version 2024 SU4 allows a local authenticated attacker to write…
CVE-2024-10256 — CVSS 7.1 (high): Insufficient permissions in Ivanti Patch SDK before version 9.7.703 allows a local authenticated attacker to delete arbitrary files.
CVE-2025-13661 — CVSS 7.1 (high): Path traversal in Ivanti Endpoint Manager prior to version 2024 SU4 SR1 allows a remote authenticated attacker to write arbitrary files…
CVE-2024-8441 — CVSS 6.7 (medium): An uncontrolled search path in the agent of Ivanti EPM before 2022 SU6, or the 2024 September update allows a local authenticated attacker…
CVE-2022-30121 — CVSS 6.7 (medium): The “LANDesk(R) Management Agent” service exposes a socket and once connected, it is possible to launch commands only for signed…
CVE-2023-35083 — CVSS 6.5 (medium): Allows an authenticated attacker with network access to read arbitrary files on Endpoint Manager recently discovered on 2022 SU3 and all…
CVE-2025-11623 — CVSS 6.5 (medium): SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the…
CVE-2023-38344 — CVSS 6.5 (medium): An issue was discovered in Ivanti Endpoint Manager before 2022 SU4. A file disclosure vulnerability exists in the GetFileContents SOAP…
CVE-2026-1602 — CVSS 6.5 (medium): SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the…
CVE-2025-62383 — CVSS 6.5 (medium): SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the…
CVE-2025-62384 — CVSS 6.5 (medium): SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the…
CVE-2025-62385 — CVSS 6.5 (medium): SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the…
CVE-2025-62386 — CVSS 6.5 (medium): SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the…
CVE-2025-62387 — CVSS 6.5 (medium): SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the…
CVE-2025-62388 — CVSS 6.5 (medium): SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the…
CVE-2025-62389 — CVSS 6.5 (medium): SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the…
CVE-2025-62390 — CVSS 6.5 (medium): SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the…
CVE-2025-62391 — CVSS 6.5 (medium): SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the…
CVE-2025-62392 — CVSS 6.5 (medium): SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the…
CVE-2026-8109 — CVSS 6.5 (medium): An exposed dangerous method on the Core Server of Ivanti Endpoint Manager before version 2024 SU6 allows a remote authenticated attacker to…
CVE-2025-22465 — CVSS 6.1 (medium): Reflected XSS in Ivanti Endpoint Manager before version 2024 SU1 or before version 2022 SU7 allows a remote unauthenticated attacker to…
CVE-2025-22464 — CVSS 6.1 (medium): An untrusted pointer dereference vulnerability in Ivanti Endpoint Manager before version 2024 SU1 or before version 2022 SU7 allows an…
CVE-2024-8321 — CVSS 5.8 (medium): Missing authentication in Network Isolation of Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote unauthenticated…
CVE-2020-13773 — CVSS 5.4 (medium): Ivanti Endpoint Manager through 2020.1.1 allows XSS via /LDMS/frm_splitfrm.aspx, /LDMS/licensecheck.aspx, /LDMS/frm_splitcollapse.aspx…
CVE-2020-13772 — CVSS 5.3 (medium): In /ldclient/ldprov.cgi in Ivanti Endpoint Manager through 2020.1.1, an attacker is able to disclose information about the server operating…
CVE-2024-8320 — CVSS 5.3 (medium): Missing authentication in Network Isolation of Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote unauthenticated…
CVE-2025-22459 — CVSS 4.8 (medium): Improper certificate validation in Ivanti Endpoint Manager before version 2024 SU1 or before version 2022 SU7 allows a remote…
CVE-2024-8322 — CVSS 4.3 (medium): Weak authentication in Patch Management of Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker…