DLL hijacking in Ivanti Endpoint Manager before version 2024 SU1 or before version 2022 SU7 allows an authenticated attacker to escalate to System.
2025-04-08T15:15:48.857
2025-05-17T06:15:17.870
Modified
3c1d8aa1-5a33-4ea4-8992-aadd6440af75
CVSSv3.1: 7.8 (HIGH)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | ivanti | endpoint_manager | < 2022 | Yes |
| Application | ivanti | endpoint_manager | 2022 | Yes |
| Application | ivanti | endpoint_manager | 2022 | Yes |
| Application | ivanti | endpoint_manager | 2022 | Yes |
| Application | ivanti | endpoint_manager | 2022 | Yes |
| Application | ivanti | endpoint_manager | 2022 | Yes |
| Application | ivanti | endpoint_manager | 2022 | Yes |
| Application | ivanti | endpoint_manager | 2022 | Yes |
| Application | ivanti | endpoint_manager | 2024 | Yes |