Shodan
Vulnerabilities
Vulnerable Software
Ivanti:  Security Vulnerabilities
CVE-2025-10242
OS command injection in the admin panel of Ivanti EPMM before version 12.6.0.2, 12.5.0.4, and 12.4.0.4 allows a remote authenticated attacker with admin privileges to achieve remote code execution.
CVSS Score
7.2
EPSS Score
0.042
Published
2025-10-14
CVE-2025-10243
OS command injection in the admin panel of Ivanti EPMM before version 12.6.0.2, 12.5.0.4, and 12.4.0.4 allows a remote authenticated attacker with admin privileges to achieve remote code execution.
CVSS Score
7.2
EPSS Score
0.042
Published
2025-10-14
CVE-2025-10985
OS command injection in the admin panel of Ivanti EPMM before version 12.6.0.2, 12.5.0.4, and 12.4.0.4 allows a remote authenticated attacker with admin privileges to achieve remote code execution.
CVSS Score
7.2
EPSS Score
0.042
Published
2025-10-14
CVE-2025-10986
Path traversal in the admin panel of Ivanti EPMM before version 12.6.0.2, 12.5.0.4, and 12.4.0.4 allows a remote authenticated attacker with admin privileges to write data in unintended locations on disk.
CVSS Score
4.7
EPSS Score
0.007
Published
2025-10-14
CVE-2025-62388
SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database.
CVSS Score
6.5
EPSS Score
0.003
Published
2025-10-13
CVE-2025-62389
SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database.
CVSS Score
6.5
EPSS Score
0.003
Published
2025-10-13
CVE-2025-62390
SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database.
CVSS Score
6.5
EPSS Score
0.003
Published
2025-10-13
CVE-2025-62391
SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database.
CVSS Score
6.5
EPSS Score
0.003
Published
2025-10-13
CVE-2025-62392
SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database.
CVSS Score
6.5
EPSS Score
0.003
Published
2025-10-13
CVE-2025-62383
SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database.
CVSS Score
6.5
EPSS Score
0.003
Published
2025-10-13


Products
Pricing
Contact Us

Shodan ® - All rights reserved