CVE-2025-10918
📛 CVE Title
CVE-2025-10918
Description
Insecure default permissions in the agent of Ivanti Endpoint Manager before version 2024 SU4 allows a local authenticated attacker to write arbitrary files anywhere on disk
Overview
- State
- PUBLISHED
- Assigner (CNA)
- ivanti
- CVSS severity
- HIGH
- CVSS score
- 7.1 / 10
- CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H- Effective score
- 7.1 / 10 HIGH source: CNA overview
- CWE(s)
-
CWE-276 - Reserved
- 2025-09-24
- Published
- 2025-11-11 16:31 UTC
- Last updated
- 2025-11-12 21:02 UTC
- Source
- https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2025/10xxx/CVE-2025-10918.json
- Linked Threat
- CVE-2025-10918 — CVE-2025-10918
European Union Vulnerability Database ENISA EUVD
ENISA's official EU repository for curated vulnerability intelligence. Carries a separate identifier (EUVD-YYYY-NNNN) and frequently exposes an earlier-published description + CVSS than NVD does.
- EUVD ID
-
EUVD-2025-84339 - Assigner
- ivanti
- Published
- Nov 11, 2025, 3:31:54 PM
- Updated
- Nov 12, 2025, 8:02:59 PM
- EUVD base score (CVSS 3.1)
-
7.1 / 10
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H - EUVD-reported EPSS
- 0.0600
- Vendors
- Ivanti
- Products
-
Endpoint Manager (patch: 2024 SU4)
- Aliases
-
GHSA-9pjj-6x65-w94f
ENISA description: Insecure default permissions in the agent of Ivanti Endpoint Manager before version 2024 SU4 allows a local authenticated attacker to write arbitrary files anywhere on disk
Affected products (1)
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Ivanti | Endpoint Manager |
2024 SU4 (unaffected)
|
— |
Remediations (10)
Remediations are stored against the linked Threat row; the list below is deduplicated across both pages.
-
web:cybersecuritynews.com
No patch has been released yet; Microsoft has instead issued a multi-step manual mitigation guide while a formal security update is prepared. Windows BitLocker Security Bypass The vulnerability originates in WinRE's handling of the BootExecute registry value under HKLM\ControlSet001\Control\Session Manager.
2026-05-22 11:39 UTC -
web:isc.sans.edu
Microsoft Patch Tuesday October 2025 , Author: Johannes Ullrich
2026-05-22 11:39 UTC -
web:krebsonsecurity.com
Microsoft Corp. today issued security updates to fix more than 80 vulnerabilities in its Windows operating systems and software. There are no known "zero-day" or actively exploited ...
2026-05-22 11:39 UTC -
web:nvd.nist.gov
An official website of the United States government Here's how you know
2026-05-22 11:39 UTC -
web:portal.msrc.microsoft.com
The Security Update Guide provides information on the latest Microsoft security updates, helping users understand and address potential vulnerabilities effectively.
2026-05-22 11:39 UTC -
web:support.esri.com
Refer to the Issues Addressed with this Patch section for details about BUG-000171492. The new patch when shown as available in the ArcGIS Enterprise Patch Notification tool, is listed as ArcGIS Server Security 2025 Update 1 Patch with a release date of April 17, 2025 ; once installed, it is listed as ArcGIS Server Security 2025 Update 1 Patch B.
2026-05-22 11:39 UTC -
web:www.bleepingcomputer.com
Microsoft has released out-of-band (OOB) security updates to patch a critical-severity Windows Server Update Service (WSUS) vulnerability with publicly available proof-of-concept exploit code.
2026-05-22 11:39 UTC -
web:www.rapid7.com
Microsoft is publishing 66 new vulnerabilities today, which is far fewer than we've come to expect in recent months. However, the lone zero-day vulnerability this month demands attention.
2026-05-22 11:39 UTC -
web:www.secure.com
Learn the difference between vulnerability remediation and mitigation , and how a risk-based strategy can strengthen your security posture.
2026-05-22 11:39 UTC -
web:www.securityweek.com
Microsoft has released patches for dozens of flaws in Windows and other products, including ones with a 'likely exploitation' rating.
2026-05-22 11:39 UTC
Vendor references (1)
References embedded in the original CVE record by the assigning CNA.
Web references (0)
DuckDuckGo results ranked by threat-intel / vendor advisory domains. Generated by the 🔎 Find references (web) button above — same flow as the Remediations search.
No web references attached yet.
AI Forensic Analysis
Only Available for Registered Users. Sign in to view.
Raw JSON
The full cvelistV5 record. Download as CVE-2025-10918.json.
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10918",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-12T14:54:12.824437Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-12T20:02:59.040Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Endpoint Manager",
"vendor": "Ivanti",
"versions": [
{
"status": "unaffected",
"version": "2024 SU4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Insecure default permissions in the agent of Ivanti Endpoint Manager before version 2024 SU4 allows a local authenticated attacker to write arbitrary files anywhere on disk"
}
],
"value": "Insecure default permissions in the agent of Ivanti Endpoint Manager before version 2024 SU4 allows a local authenticated attacker to write arbitrary files anywhere on disk"
}
],
"impacts": [
{
"capecId": "CAPEC-1",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-1 Accessing Functionality Not Properly Constrained by ACLs"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "CWE-276 Incorrect Default Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-11T15:31:54.062Z",
"orgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"shortName": "ivanti"
},
"references": [
{
"url": "https://forums.ivanti.com/s/article/Security-Advisory-EPM-November-2025-for-EPM-2024?language=en_US"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"assignerShortName": "ivanti",
"cveId": "CVE-2025-10918",
"datePublished": "2025-11-11T15:31:54.062Z",
"dateReserved": "2025-09-24T15:26:22.638Z",
"dateUpdated": "2025-11-12T20:02:59.040Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}