Vulnerability Database

296,172

Total vulnerabilities in the database

CVE-2025-22458

DLL hijacking in Ivanti Endpoint Manager before version 2024 SU1 or before version 2022 SU7 allows an authenticated attacker to escalate to System.

  • Published: Apr 8, 2025
  • Updated: May 17, 2025
  • CVE: CVE-2025-22458
  • Severity: High
  • Exploit:

CVSS v3:

  • Severity: High
  • Score: 7.8
  • AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWEs:

Software From Fixed in
ivanti / endpoint_manager 2022-su1 2022-su1.x
ivanti / endpoint_manager - 2022
ivanti / endpoint_manager 2022 2022.x
ivanti / endpoint_manager 2022-su2 2022-su2.x
ivanti / endpoint_manager 2022-su3 2022-su3.x
ivanti / endpoint_manager 2022-su4 2022-su4.x
ivanti / endpoint_manager 2022-su5 2022-su5.x
ivanti / endpoint_manager 2022-su6 2022-su6.x
ivanti / endpoint_manager 2024 2024.x