CVE-2025-7037
📛 CVE Title
SQL injection in Ivanti Endpoint Manager
Description
SQL injection in Ivanti Endpoint Manager before version 2024 SU3 and 2022 SU8 Security Update 1 allows a remote authenticated attacker with admin privileges to read arbitrary data from the database
Overview
- State
- PUBLISHED
- Assigner (CNA)
- ivanti
- CVSS severity
- HIGH
- CVSS score
- 7.2 / 10
- CVSS vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H- Effective score
- 7.2 / 10 HIGH source: CNA overview
- CWE(s)
-
CWE-89 - Reserved
- 2025-07-02
- Published
- 2025-07-08 16:54 UTC
- Last updated
- 2025-07-08 17:07 UTC
- Source
- https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2025/7xxx/CVE-2025-7037.json
- Linked Threat
- CVE-2025-7037 — SQL injection in Ivanti Endpoint Manager
NVD triage scoring NVD CVE 2.0
Layer NVD adds on top of the CNA's CVE record — published / last-modified timestamps, exploitability / impact subscores, and the FIRST.org EPSS probability that this CVE will be exploited in the wild in the next 30 days.
- NVD published
- 2025-07-08 15:15:34 UTC
- NVD last modified
- 2025-07-11 17:24:04 UTC
- NVD CVSS v3.1
- 7.2 / 10 HIGH source: 3c1d8aa1-5a33-4ea4-8992-aadd6440af75
- NVD CVSS vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H- Exploitability subscore
- 1.2 / 10
- Impact subscore
- 5.9 / 10
- EPSS score
- 0.0067 (probability of exploitation in next 30 days)
- EPSS percentile
- 71.58% vs all CVEs — higher = more likely to be exploited, as of 2026-05-25
NVD / KEV / EPSS data refreshed 2026-05-25 22:02 UTC. Re-run the 🛰 Backfill from NVD button above to refresh.
European Union Vulnerability Database ENISA EUVD
ENISA's official EU repository for curated vulnerability intelligence. Carries a separate identifier (EUVD-YYYY-NNNN) and frequently exposes an earlier-published description + CVSS than NVD does.
- EUVD ID
-
EUVD-2025-20506 - Assigner
- ivanti
- Published
- Jul 8, 2025, 2:54:42 PM
- Updated
- Jul 8, 2025, 3:07:12 PM
- EUVD base score (CVSS 3.1)
-
7.2 / 10
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H - EUVD-reported EPSS
- 0.6700
- Vendors
- Ivanti
- Products
-
Endpoint Manager (patch: 2022 SU8)Endpoint Manager (patch: 2024 SU3)
- Aliases
-
GHSA-4r3p-r3fh-c2xr
ENISA description: SQL injection in Ivanti Endpoint Manager before version 2024 SU3 and 2022 SU8 Security Update 1 allows a remote authenticated attacker with admin privileges to read arbitrary data from the database
Affected products (1)
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Ivanti | Endpoint Manager |
2024 SU3 (unaffected),
2022 SU8 (unaffected)
|
— |
Affected products — CPE 2.3 (13) NVD
NVD's normalized CPE 2.3 matchers, used by vendor tools (vulnerability scanners, asset managers) for automated detection. Compare with the CNA's free-text "Affected products" section above.
cpe:2.3:a:ivanti:endpoint_manager:*:*:*:*:*:*:*:*cpe:2.3:a:ivanti:endpoint_manager:2022:-:*:*:*:*:*:*cpe:2.3:a:ivanti:endpoint_manager:2022:su1:*:*:*:*:*:*cpe:2.3:a:ivanti:endpoint_manager:2022:su2:*:*:*:*:*:*cpe:2.3:a:ivanti:endpoint_manager:2022:su3:*:*:*:*:*:*cpe:2.3:a:ivanti:endpoint_manager:2022:su4:*:*:*:*:*:*cpe:2.3:a:ivanti:endpoint_manager:2022:su5:*:*:*:*:*:*cpe:2.3:a:ivanti:endpoint_manager:2022:su6:*:*:*:*:*:*cpe:2.3:a:ivanti:endpoint_manager:2022:su7:*:*:*:*:*:*cpe:2.3:a:ivanti:endpoint_manager:2022:su8:*:*:*:*:*:*cpe:2.3:a:ivanti:endpoint_manager:2024:-:*:*:*:*:*:*cpe:2.3:a:ivanti:endpoint_manager:2024:su1:*:*:*:*:*:*cpe:2.3:a:ivanti:endpoint_manager:2024:su2:*:*:*:*:*:*
Remediations (10)
Remediations are stored against the linked Threat row; the list below is deduplicated across both pages.
-
web:blog.qualys.com
EVALUATE Vendor-Suggested Mitigation with Policy Audit With Qualys Policy Audit's Out-of-the-Box Mitigation or Compensatory Controls, reduce the risk of a vulnerability being exploited because the remediation ( fix / patch ) cannot be done now; these security controls are not recommended by any industry standards, such as CIS, DISA-STIG.
2026-05-22 15:26 UTC -
web:cybersecuritynews.com
Microsoft has issued an emergency out-of-band (OOB) security update for .NET 10, releasing version 10.0.7 on April 21, 2026, to address a critical elevation of privilege vulnerability discovered in the Microsoft.AspNetCore.DataProtection NuGet package.
2026-05-22 15:26 UTC -
web:isc.sans.edu
Macs are affected as well, but a patch is currently only available for Windows. CVE - 2025 -49719: This vulnerability has already been made public. It does allow for information disclosure on a Microsoft SQL Server. To patch , you must patch the OLE DB Driver. CVE - 2025 -49717: Exploitation is considered less likely for this vulnerability.
2026-05-22 15:26 UTC -
web:portal.msrc.microsoft.com
The Security Update Guide provides information on the latest Microsoft security updates, helping users understand and address potential vulnerabilities effectively.
2026-05-22 15:26 UTC -
web:www.cisa.gov
Updated October 29, 2025 : CISA has updated this Alert to include revised information on vulnerable product identification, potential threat activity detections, and additional resources. Microsoft released an update to address a critical remote code execution vulnerability impacting Windows Server Update Service (WSUS) in Windows Server (2012, 2016, 2019, 2022, and 2025 ), CVE - 2025 -59287
2026-05-22 15:26 UTC -
web:www.computerworld.com
Each month, the team at Readiness analyzes the latest Patch Tuesday updates from Microsoft and provides detailed, actionable testing guidance. The company's Patch Tuesday release for February ...
2026-05-22 15:26 UTC -
web:www.ninjaone.com
Catalog of Microsoft KB updates with insights on performance & user sentiment. Find out what's working, what's not, & make informed decisions.
2026-05-22 15:26 UTC -
web:www.oracle.com
This Critical Patch Update contains 374 new security patches across the product families listed below. Please note that an MOS note summarizing the content of this Critical Patch Update and other Oracle Software Security Assurance activities is located at October 2025 Critical Patch Update: Executive Summary and Analysis.
2026-05-22 15:26 UTC -
web:www.rapid7.com
Microsoft has published 172 new vulnerabilities, including six zero-day vulnerabilities. Windows 10 moves past the end of support, sort of. Critical RCE in Windows Server Update Service.
2026-05-22 15:26 UTC -
web:www.techrepublic.com
A Windows 11 security update triggered Microsoft app sign-in failures, prompting an emergency patch and a manual workaround for affected users.
2026-05-22 15:26 UTC
Vendor references (1)
References embedded in the original CVE record by the assigning CNA.
MITRE references (1) cveawg.mitre.org
Pulled from MITRE's CVE Services API by the 🛰 Backfill from MITRE button.
Web references (0)
DuckDuckGo results ranked by threat-intel / vendor advisory domains. Generated by the 🔎 Find references (web) button above — same flow as the Remediations search.
No web references attached yet.
NVD-tagged references (1)
Reference list NVD curates from the CNA record, vendor advisories, and third-party reports. The tag chips below are NVD's analyst-assigned categories.
- https://forums.ivanti.com/s/article/Security-Advisory-July-2025-for-Ivanti-EPM-2024-SU2-and-EPM-2022-SU8?language=en_US 3c1d8aa1-5a33-4ea4-8992-aadd6440af75 Vendor Advisory
AI Forensic Analysis
Only Available for Registered Users. Sign in to view.
Raw JSON
The full cvelistV5 record. Download as CVE-2025-7037.json.
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-7037",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-08T15:07:06.356647Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-08T15:07:12.721Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Endpoint Manager",
"vendor": "Ivanti",
"versions": [
{
"status": "unaffected",
"version": "2024 SU3"
},
{
"status": "unaffected",
"version": "2022 SU8"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "<span style=\"background-color: rgb(255, 255, 255);\">SQL injection in Ivanti Endpoint Manager before version 2024 SU3 and 2022 SU8 Security Update 1 allows a remote authenticated attacker with admin privileges to read arbitrary data from the database</span><br>"
}
],
"value": "SQL injection in Ivanti Endpoint Manager before version 2024 SU3 and 2022 SU8 Security Update 1 allows a remote authenticated attacker with admin privileges to read arbitrary data from the database"
}
],
"impacts": [
{
"capecId": "CAPEC-66",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-66 SQL Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-08T14:54:47.978Z",
"orgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"shortName": "ivanti"
},
"references": [
{
"url": "https://forums.ivanti.com/s/article/Security-Advisory-July-2025-for-Ivanti-EPM-2024-SU2-and-EPM-2022-SU8?language=en_US"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "SQL injection in Ivanti Endpoint Manager",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"assignerShortName": "ivanti",
"cveId": "CVE-2025-7037",
"datePublished": "2025-07-08T14:54:42.789Z",
"dateReserved": "2025-07-02T20:01:55.610Z",
"dateUpdated": "2025-07-08T15:07:12.721Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}