CVE-2025-62385: 
Ivanti Endpoint Manager vulnerability analysis and mitigation

SQL injection vulnerability (CVE-2025-62385) was discovered in Ivanti Endpoint Manager that allows a remote authenticated attacker to read arbitrary data from the database. The vulnerability was disclosed on October 13, 2025 and affects Ivanti Endpoint Manager versions 2024 SU3 SR1 and prior (NVD).

The vulnerability is classified as CWE-89 (Improper Neutralization of Special Elements used in an SQL Command) with a CVSS v3.1 base score of 6.5 (MEDIUM) and vector string CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N. This indicates the vulnerability requires network access, low attack complexity, low privileges, no user interaction, and can result in high confidentiality impact without affecting integrity or availability (NVD).

Successful exploitation of this vulnerability allows an authenticated attacker to read arbitrary data from the database, potentially exposing sensitive information stored within the Ivanti Endpoint Manager system. The vulnerability has a high confidentiality impact, though it does not affect system integrity or availability (CIS Advisory).

Organizations should immediately update their Ivanti Endpoint Manager installations to versions after 2024 SU3 SR1. The vulnerability has been assigned a medium severity rating, and proper patch management is crucial for remediation. Organizations should also apply the principle of least privilege and implement network segmentation as additional security measures (CIS Advisory).