CVE-2025-6770: 
Ivanti Endpoint Manager Mobile vulnerability analysis and mitigation

A critical OS command injection vulnerability (CVE-2025-6770) was discovered in Ivanti Endpoint Manager Mobile (EPMM) affecting versions before 12.5.0.2. The vulnerability was disclosed on July 8, 2025, and affects multiple versions of the software including versions up to 12.3.0.3, versions 12.4.0.0 to 12.4.0.3, and versions 12.5.0.0 to 12.5.0.2 (NVD, ASEC Advisory).

The vulnerability is classified as CWE-78 (Improper Neutralization of Special Elements used in an OS Command). It received a CVSS v3.1 base score of 7.2 (High), with the following vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H. This indicates that the vulnerability is network-accessible, requires low attack complexity, but needs high privileges to exploit, with no user interaction required (NVD).

If successfully exploited, this vulnerability allows a remote authenticated attacker with high privileges to achieve remote code execution on the affected system. The high CVSS score indicates significant potential impact on the confidentiality, integrity, and availability of the system (NVD).

Ivanti has released patches to address this vulnerability. Users are advised to upgrade to version 12.5.0.2 or later. Specific patch versions have been made available: version 12.5.0.2 for the latest branch, version 12.4.0.3 for the 12.4 branch, and version 12.3.0.3 for the 12.3 branch (ASEC Advisory).