cvelistv5 - cve-2025-6996

CVE-2025-6996 (GCVE-0-2025-6996)

Vulnerability from cvelistv5

Published

2025-07-08 14:51

Modified

2025-07-08 15:14

Severity ?

8.4 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N

CWE

CWE-257 - : Storing Passwords in a Recoverable Format

Summary

Improper use of encryption in the agent of Ivanti Endpoint Manager before version 2024 SU3 and 2022 SU8 Security Update 1 allows a local authenticated attacker to decrypt other users’ passwords.

References

URL

Tags

3c1d8aa1-5a33-4ea4-8992-aadd6440af75

https://forums.ivanti.com/s/article/Security-Advisory-July-2025-for-Ivanti-EPM-2024-SU2-and-EPM-2022-SU8

Vendor Advisory

Impacted products

	Vendor	Product	Version
	Ivanti	Endpoint Manager

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-6996",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-08T15:14:01.674255Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-08T15:14:08.808Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "Endpoint Manager",
          "vendor": "Ivanti",
          "versions": [
            {
              "status": "unaffected",
              "version": "2024 SU3"
            },
            {
              "status": "unaffected",
              "version": "2022 SU8"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Improper use of encryption in the agent of Ivanti Endpoint Manager before version 2024 SU3 and 2022 SU8 Security Update 1 allows a local authenticated attacker to decrypt other users\u2019 passwords.\u0026nbsp;"
            }
          ],
          "value": "Improper use of encryption in the agent of Ivanti Endpoint Manager before version 2024 SU3 and 2022 SU8 Security Update 1 allows a local authenticated attacker to decrypt other users\u2019 passwords."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-97",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-97 Cryptanalysis"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 8.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-257",
              "description": "CWE-257 : Storing Passwords in a Recoverable Format",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-08T14:51:10.053Z",
        "orgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
        "shortName": "ivanti"
      },
      "references": [
        {
          "url": "https://forums.ivanti.com/s/article/Security-Advisory-July-2025-for-Ivanti-EPM-2024-SU2-and-EPM-2022-SU8"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Improper Encryption in Ivanti Endpoint Manager",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
    "assignerShortName": "ivanti",
    "cveId": "CVE-2025-6996",
    "datePublished": "2025-07-08T14:51:04.446Z",
    "dateReserved": "2025-07-01T21:36:25.728Z",
    "dateUpdated": "2025-07-08T15:14:08.808Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-6996\",\"sourceIdentifier\":\"3c1d8aa1-5a33-4ea4-8992-aadd6440af75\",\"published\":\"2025-07-08T15:15:33.860\",\"lastModified\":\"2025-07-11T17:24:18.300\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Improper use of encryption in the agent of Ivanti Endpoint Manager before version 2024 SU3 and 2022 SU8 Security Update 1 allows a local authenticated attacker to decrypt other users\u2019 passwords.\"},{\"lang\":\"es\",\"value\":\"El uso indebido del cifrado en el agente de Ivanti Endpoint Manager anterior a la versi\u00f3n 2024 SU3 y 2022 SU8 Security Update 1 permite que un atacante local autenticado descifre las contrase\u00f1as de otros usuarios.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"3c1d8aa1-5a33-4ea4-8992-aadd6440af75\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N\",\"baseScore\":8.4,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.0,\"impactScore\":5.8}]},\"weaknesses\":[{\"source\":\"3c1d8aa1-5a33-4ea4-8992-aadd6440af75\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-257\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:endpoint_manager:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2022\",\"matchCriteriaId\":\"B1F6549B-CF5D-4607-B67D-5489905A1705\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:endpoint_manager:2022:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"46580865-5177-4E55-BDAC-73DA4B472B35\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:endpoint_manager:2022:su1:*:*:*:*:*:*\",\"matchCriteriaId\":\"E57E12B5-B789-450C-9476-6C4C151E6993\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:endpoint_manager:2022:su2:*:*:*:*:*:*\",\"matchCriteriaId\":\"E47C65B3-56DD-4D65-8B4B-6AFFE28E94F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:endpoint_manager:2022:su3:*:*:*:*:*:*\",\"matchCriteriaId\":\"10D6EAB7-B14B-45E9-92B9-4FADFBBB08AF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:endpoint_manager:2022:su4:*:*:*:*:*:*\",\"matchCriteriaId\":\"1877FB55-76BA-4714-ABB8-47258132F537\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:endpoint_manager:2022:su5:*:*:*:*:*:*\",\"matchCriteriaId\":\"4F9E8D45-5F12-4D45-A74E-C314FA3618A3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:endpoint_manager:2022:su6:*:*:*:*:*:*\",\"matchCriteriaId\":\"5BB1FEE4-8B72-42A4-A7E1-DB3B10CE5CEE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:endpoint_manager:2022:su7:*:*:*:*:*:*\",\"matchCriteriaId\":\"4E5C570D-1AAF-4C0E-A366-429BB882B0F6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:endpoint_manager:2022:su8:*:*:*:*:*:*\",\"matchCriteriaId\":\"11246AEA-81CE-4814-98F0-9C9CA97FBCC5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:endpoint_manager:2024:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"6C7283FE-C10A-4E37-B004-15FB0CAC49A5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:endpoint_manager:2024:su1:*:*:*:*:*:*\",\"matchCriteriaId\":\"FC51EEA2-1C4C-4069-9704-7ACFE4773930\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:endpoint_manager:2024:su2:*:*:*:*:*:*\",\"matchCriteriaId\":\"E1EF5E1B-9377-49D3-9BE3-62FC78E666A3\"}]}]}],\"references\":[{\"url\":\"https://forums.ivanti.com/s/article/Security-Advisory-July-2025-for-Ivanti-EPM-2024-SU2-and-EPM-2022-SU8\",\"source\":\"3c1d8aa1-5a33-4ea4-8992-aadd6440af75\",\"tags\":[\"Vendor Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-6996\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-07-08T15:14:01.674255Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-07-08T15:14:05.085Z\"}}], \"cna\": {\"title\": \"Improper Encryption in Ivanti Endpoint Manager\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"impacts\": [{\"capecId\": \"CAPEC-97\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-97 Cryptanalysis\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 8.4, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Ivanti\", \"product\": \"Endpoint Manager\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"2024 SU3\"}, {\"status\": \"unaffected\", \"version\": \"2022 SU8\"}], \"defaultStatus\": \"affected\"}], \"references\": [{\"url\": \"https://forums.ivanti.com/s/article/Security-Advisory-July-2025-for-Ivanti-EPM-2024-SU2-and-EPM-2022-SU8\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Improper use of encryption in the agent of Ivanti Endpoint Manager before version 2024 SU3 and 2022 SU8 Security Update 1 allows a local authenticated attacker to decrypt other users\\u2019 passwords.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Improper use of encryption in the agent of Ivanti Endpoint Manager before version 2024 SU3 and 2022 SU8 Security Update 1 allows a local authenticated attacker to decrypt other users\\u2019 passwords.\u0026nbsp;\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-257\", \"description\": \"CWE-257 : Storing Passwords in a Recoverable Format\"}]}], \"providerMetadata\": {\"orgId\": \"3c1d8aa1-5a33-4ea4-8992-aadd6440af75\", \"shortName\": \"ivanti\", \"dateUpdated\": \"2025-07-08T14:51:10.053Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2025-6996\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-07-08T15:14:08.808Z\", \"dateReserved\": \"2025-07-01T21:36:25.728Z\", \"assignerOrgId\": \"3c1d8aa1-5a33-4ea4-8992-aadd6440af75\", \"datePublished\": \"2025-07-08T14:51:04.446Z\", \"assignerShortName\": \"ivanti\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

fkie_cve-2025-6996

Vulnerability from fkie_nvd

Published

2025-07-08 15:15

Modified

2025-07-11 17:24

Severity ?

8.4 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N

Summary

Improper use of encryption in the agent of Ivanti Endpoint Manager before version 2024 SU3 and 2022 SU8 Security Update 1 allows a local authenticated attacker to decrypt other users’ passwords.

References

	URL	Tags
	3c1d8aa1-5a33-4ea4-8992-aadd6440af75	https://forums.ivanti.com/s/article/Security-Advisory-July-2025-for-Ivanti-EPM-2024-SU2-and-EPM-2022-SU8	Vendor Advisory

Impacted products

Vendor	Product	Version
ivanti	endpoint_manager	*
ivanti	endpoint_manager	2022
ivanti	endpoint_manager	2022
ivanti	endpoint_manager	2022
ivanti	endpoint_manager	2022
ivanti	endpoint_manager	2022
ivanti	endpoint_manager	2022
ivanti	endpoint_manager	2022
ivanti	endpoint_manager	2022
ivanti	endpoint_manager	2022
ivanti	endpoint_manager	2024
ivanti	endpoint_manager	2024
ivanti	endpoint_manager	2024

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ivanti:endpoint_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1F6549B-CF5D-4607-B67D-5489905A1705",
              "versionEndExcluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:endpoint_manager:2022:-:*:*:*:*:*:*",
              "matchCriteriaId": "46580865-5177-4E55-BDAC-73DA4B472B35",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:endpoint_manager:2022:su1:*:*:*:*:*:*",
              "matchCriteriaId": "E57E12B5-B789-450C-9476-6C4C151E6993",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:endpoint_manager:2022:su2:*:*:*:*:*:*",
              "matchCriteriaId": "E47C65B3-56DD-4D65-8B4B-6AFFE28E94F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:endpoint_manager:2022:su3:*:*:*:*:*:*",
              "matchCriteriaId": "10D6EAB7-B14B-45E9-92B9-4FADFBBB08AF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:endpoint_manager:2022:su4:*:*:*:*:*:*",
              "matchCriteriaId": "1877FB55-76BA-4714-ABB8-47258132F537",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:endpoint_manager:2022:su5:*:*:*:*:*:*",
              "matchCriteriaId": "4F9E8D45-5F12-4D45-A74E-C314FA3618A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:endpoint_manager:2022:su6:*:*:*:*:*:*",
              "matchCriteriaId": "5BB1FEE4-8B72-42A4-A7E1-DB3B10CE5CEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:endpoint_manager:2022:su7:*:*:*:*:*:*",
              "matchCriteriaId": "4E5C570D-1AAF-4C0E-A366-429BB882B0F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:endpoint_manager:2022:su8:*:*:*:*:*:*",
              "matchCriteriaId": "11246AEA-81CE-4814-98F0-9C9CA97FBCC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:endpoint_manager:2024:-:*:*:*:*:*:*",
              "matchCriteriaId": "6C7283FE-C10A-4E37-B004-15FB0CAC49A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:endpoint_manager:2024:su1:*:*:*:*:*:*",
              "matchCriteriaId": "FC51EEA2-1C4C-4069-9704-7ACFE4773930",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ivanti:endpoint_manager:2024:su2:*:*:*:*:*:*",
              "matchCriteriaId": "E1EF5E1B-9377-49D3-9BE3-62FC78E666A3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Improper use of encryption in the agent of Ivanti Endpoint Manager before version 2024 SU3 and 2022 SU8 Security Update 1 allows a local authenticated attacker to decrypt other users\u2019 passwords."
    },
    {
      "lang": "es",
      "value": "El uso indebido del cifrado en el agente de Ivanti Endpoint Manager anterior a la versi\u00f3n 2024 SU3 y 2022 SU8 Security Update 1 permite que un atacante local autenticado descifre las contrase\u00f1as de otros usuarios."
    }
  ],
  "id": "CVE-2025-6996",
  "lastModified": "2025-07-11T17:24:18.300",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "NONE",
          "baseScore": 8.4,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.0,
        "impactScore": 5.8,
        "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-07-08T15:15:33.860",
  "references": [
    {
      "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://forums.ivanti.com/s/article/Security-Advisory-July-2025-for-Ivanti-EPM-2024-SU2-and-EPM-2022-SU8"
    }
  ],
  "sourceIdentifier": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-257"
        }
      ],
      "source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
      "type": "Primary"
    }
  ]
}

ghsa-ww5w-xr5v-2967

Vulnerability from github

Published

2025-07-08 15:32

Modified

2025-07-08 15:32

Severity ?

8.4 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N

Details

Improper use of encryption in the agent of Ivanti Endpoint Manager before version 2024 SU3 and 2022 SU8 Security Update 1 allows a local authenticated attacker to decrypt other users’ passwords.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2025-6996"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-257"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-07-08T15:15:33Z",
    "severity": "HIGH"
  },
  "details": "Improper use of encryption in the agent of Ivanti Endpoint Manager before version 2024 SU3 and 2022 SU8 Security Update 1 allows a local authenticated attacker to decrypt other users\u2019 passwords.",
  "id": "GHSA-ww5w-xr5v-2967",
  "modified": "2025-07-08T15:32:04Z",
  "published": "2025-07-08T15:32:04Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6996"
    },
    {
      "type": "WEB",
      "url": "https://forums.ivanti.com/s/article/Security-Advisory-July-2025-for-Ivanti-EPM-2024-SU2-and-EPM-2022-SU8"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

cnvd-2025-18155

Vulnerability from cnvd

Title

Ivanti Endpoint Manager加密使用不当漏洞（CNVD-2025-18155）

Description

Ivanti Endpoint Manager是Ivanti公司开发的一款综合性端点管理解决方案，主要用于管理企业网络中的所有端点设备。 Ivanti Endpoint Manager存在加密使用不当漏洞，攻击者可利用该漏洞解密其他用户密码。

Severity

中

Patch Name

Ivanti Endpoint Manager加密使用不当漏洞（CNVD-2025-18155）的补丁

Patch Description

Ivanti Endpoint Manager是Ivanti公司开发的一款综合性端点管理解决方案，主要用于管理企业网络中的所有端点设备。 Ivanti Endpoint Manager存在加密使用不当漏洞，攻击者可利用该漏洞解密其他用户密码。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

目前厂商已发布升级程序修复该安全问题，详情见厂商官网： https://forums.ivanti.com/s/article/Security-Advisory-July-2025-for-Ivanti-EPM-2024-SU2-and-EPM-2022-SU8

Reference

https://nvd.nist.gov/vuln/detail/CVE-2025-6996

Impacted products

Name
['Ivanti Endpoint Manager <=2022 SU8', 'Ivanti Endpoint Manager <=2024 SU2']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2025-6996",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2025-6996"
    }
  },
  "description": "Ivanti Endpoint Manager\u662fIvanti\u516c\u53f8\u5f00\u53d1\u7684\u4e00\u6b3e\u7efc\u5408\u6027\u7aef\u70b9\u7ba1\u7406\u89e3\u51b3\u65b9\u6848\uff0c\u4e3b\u8981\u7528\u4e8e\u7ba1\u7406\u4f01\u4e1a\u7f51\u7edc\u4e2d\u7684\u6240\u6709\u7aef\u70b9\u8bbe\u5907\u3002\n\nIvanti Endpoint Manager\u5b58\u5728\u52a0\u5bc6\u4f7f\u7528\u4e0d\u5f53\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u89e3\u5bc6\u5176\u4ed6\u7528\u6237\u5bc6\u7801\u3002",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u7a0b\u5e8f\u4fee\u590d\u8be5\u5b89\u5168\u95ee\u9898\uff0c\u8be6\u60c5\u89c1\u5382\u5546\u5b98\u7f51\uff1a\r\nhttps://forums.ivanti.com/s/article/Security-Advisory-July-2025-for-Ivanti-EPM-2024-SU2-and-EPM-2022-SU8",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2025-18155",
  "openTime": "2025-08-12",
  "patchDescription": "Ivanti Endpoint Manager\u662fIvanti\u516c\u53f8\u5f00\u53d1\u7684\u4e00\u6b3e\u7efc\u5408\u6027\u7aef\u70b9\u7ba1\u7406\u89e3\u51b3\u65b9\u6848\uff0c\u4e3b\u8981\u7528\u4e8e\u7ba1\u7406\u4f01\u4e1a\u7f51\u7edc\u4e2d\u7684\u6240\u6709\u7aef\u70b9\u8bbe\u5907\u3002\r\n\r\nIvanti Endpoint Manager\u5b58\u5728\u52a0\u5bc6\u4f7f\u7528\u4e0d\u5f53\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u89e3\u5bc6\u5176\u4ed6\u7528\u6237\u5bc6\u7801\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Ivanti Endpoint Manager\u52a0\u5bc6\u4f7f\u7528\u4e0d\u5f53\u6f0f\u6d1e\uff08CNVD-2025-18155\uff09\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Ivanti Endpoint Manager \u003c=2022 SU8",
      "Ivanti Endpoint Manager \u003c=2024 SU2"
    ]
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2025-6996",
  "serverity": "\u4e2d",
  "submitTime": "2025-07-21",
  "title": "Ivanti Endpoint Manager\u52a0\u5bc6\u4f7f\u7528\u4e0d\u5f53\u6f0f\u6d1e\uff08CNVD-2025-18155\uff09"
}

De multiples vulnérabilités ont été découvertes dans les produits Ivanti. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
Ivanti	Endpoint Manager Mobile (EPMM)	Endpoint Manager Mobile versions 12.3.0.x antérieures à 12.3.0.3
Ivanti	Endpoint Manager (EPM)	Endpoint Manager versions 2024 antérieures à 2024 SU3
Ivanti	Endpoint Manager (EPM)	Endpoint Manager versions 2022 antérieures à 2022 SU8 Security Update 1
Ivanti	Endpoint Manager Mobile (EPMM)	Endpoint Manager Mobile versions 12.5.0.x antérieures à 12.5.0.2
Ivanti	Connect Secure (ICS)	Connect Secure versions antérieures à 22.7R2.8
Ivanti	Endpoint Manager Mobile (EPMM)	Endpoint Manager Mobile versions 12.4.0.x antérieures à 12.4.0.3
Ivanti	Policy Secure (IPS)	Policy Secure versions antérieures à 22.7R1.5

References

Title

Publication Time

Tags

Bulletin de sécurité Ivanti Security-Advisory-Ivanti-Endpoint-Manager-Mobile-EPMM-CVE-2025-6770-CVE-2025-6771	2025-07-08	vendor-advisory
Bulletin de sécurité Ivanti July-Security-Advisory-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Multiple-CVEs	2025-07-08	vendor-advisory
Bulletin de sécurité Ivanti july-security-update-2025	2025-07-08	vendor-advisory
Bulletin de sécurité Ivanti Security-Advisory-July-2025-for-Ivanti-EPM-2024-SU2-and-EPM-2022-SU8	2025-07-08	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Endpoint Manager Mobile versions 12.3.0.x ant\u00e9rieures \u00e0 12.3.0.3",
      "product": {
        "name": "Endpoint Manager Mobile (EPMM)",
        "vendor": {
          "name": "Ivanti",
          "scada": false
        }
      }
    },
    {
      "description": "Endpoint Manager versions 2024 ant\u00e9rieures \u00e0 2024 SU3",
      "product": {
        "name": "Endpoint Manager (EPM)",
        "vendor": {
          "name": "Ivanti",
          "scada": false
        }
      }
    },
    {
      "description": "Endpoint Manager versions 2022 ant\u00e9rieures \u00e0 2022 SU8 Security Update 1",
      "product": {
        "name": "Endpoint Manager (EPM)",
        "vendor": {
          "name": "Ivanti",
          "scada": false
        }
      }
    },
    {
      "description": "Endpoint Manager Mobile versions 12.5.0.x ant\u00e9rieures \u00e0 12.5.0.2",
      "product": {
        "name": "Endpoint Manager Mobile (EPMM)",
        "vendor": {
          "name": "Ivanti",
          "scada": false
        }
      }
    },
    {
      "description": "Connect Secure versions ant\u00e9rieures \u00e0 22.7R2.8",
      "product": {
        "name": "Connect Secure (ICS)",
        "vendor": {
          "name": "Ivanti",
          "scada": false
        }
      }
    },
    {
      "description": "Endpoint Manager Mobile versions 12.4.0.x ant\u00e9rieures \u00e0 12.4.0.3",
      "product": {
        "name": "Endpoint Manager Mobile (EPMM)",
        "vendor": {
          "name": "Ivanti",
          "scada": false
        }
      }
    },
    {
      "description": "Policy Secure versions ant\u00e9rieures \u00e0 22.7R1.5",
      "product": {
        "name": "Policy Secure (IPS)",
        "vendor": {
          "name": "Ivanti",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2025-5450",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5450"
    },
    {
      "name": "CVE-2025-5451",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5451"
    },
    {
      "name": "CVE-2025-6771",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6771"
    },
    {
      "name": "CVE-2025-6996",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6996"
    },
    {
      "name": "CVE-2025-5463",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5463"
    },
    {
      "name": "CVE-2025-0292",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0292"
    },
    {
      "name": "CVE-2025-7037",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-7037"
    },
    {
      "name": "CVE-2025-0293",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0293"
    },
    {
      "name": "CVE-2025-5464",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5464"
    },
    {
      "name": "CVE-2025-6770",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6770"
    },
    {
      "name": "CVE-2025-6995",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6995"
    }
  ],
  "initial_release_date": "2025-07-09T00:00:00",
  "last_revision_date": "2025-07-09T00:00:00",
  "links": [],
  "reference": "CERTFR-2025-AVI-0574",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2025-07-09T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Injection SQL (SQLi)"
    },
    {
      "description": "Falsification de requ\u00eates c\u00f4t\u00e9 serveur (SSRF)"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Ivanti. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Ivanti",
  "vendor_advisories": [
    {
      "published_at": "2025-07-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Ivanti Security-Advisory-Ivanti-Endpoint-Manager-Mobile-EPMM-CVE-2025-6770-CVE-2025-6771",
      "url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Endpoint-Manager-Mobile-EPMM-CVE-2025-6770-CVE-2025-6771"
    },
    {
      "published_at": "2025-07-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Ivanti July-Security-Advisory-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Multiple-CVEs",
      "url": "https://forums.ivanti.com/s/article/July-Security-Advisory-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Multiple-CVEs"
    },
    {
      "published_at": "2025-07-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Ivanti july-security-update-2025",
      "url": "https://www.ivanti.com/blog/july-security-update-2025"
    },
    {
      "published_at": "2025-07-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Ivanti Security-Advisory-July-2025-for-Ivanti-EPM-2024-SU2-and-EPM-2022-SU8",
      "url": "https://forums.ivanti.com/s/article/Security-Advisory-July-2025-for-Ivanti-EPM-2024-SU2-and-EPM-2022-SU8"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2025-6996 (GCVE-0-2025-6996)

Vulnerability from cvelistv5

fkie_cve-2025-6996

Vulnerability from fkie_nvd

ghsa-ww5w-xr5v-2967

Vulnerability from github

cnvd-2025-18155

Vulnerability from cnvd

CERTFR-2025-AVI-0574

Vulnerability from certfr_avis

Solutions

Tags

Sightings

Nomenclature