OS command injection in Ivanti Endpoint Manager Mobile (EPMM) before version 12.5.0.2 allows a remote authenticated attacker with high privileges to achieve remote code execution
Metrics
Affected Vendors & Products
References
History
Tue, 08 Jul 2025 21:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Tue, 08 Jul 2025 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | OS command injection in Ivanti Endpoint Manager Mobile (EPMM) before version 12.5.0.2 allows a remote authenticated attacker with high privileges to achieve remote code execution | |
Title | OS command injection in Ivanti Endpoint Manager | |
Weaknesses | CWE-78 | |
References |
| |
Metrics |
cvssV3_1
|

Status: PUBLISHED
Assigner: ivanti
Published: 2025-07-08T15:02:57.754Z
Updated: 2025-07-08T20:38:57.238Z
Reserved: 2025-06-27T09:26:59.888Z
Link: CVE-2025-6770

Updated: 2025-07-08T20:38:53.602Z

Status : Awaiting Analysis
Published: 2025-07-08T15:15:33.287
Modified: 2025-07-08T16:18:14.207
Link: CVE-2025-6770

No data.