Warning: Two high-severity vulnerabilities in Ivanti Endpoint Manager, patch immediately!

Published: 13/10/2025
  • Last update: 13/10/2025
  • Affected software: Ivanti Endpoint Manager; affected versions: 2024 SU3 and prior, 2022 SU8 Security Release 1 and prior
  • Type: Unspecified
  • CVE/CVSS
    → CVE-2025-9872: CVSS 8.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
    → CVE-2025-9712: CVSS 8.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)

Sources

Ivanti Security Advisory https://forums.ivanti.com/s/article/Security-Advisory-September-2025-for-Ivanti-EPM-2024-SU3-and-EPM-2022-SU8

Risks

These vulnerabilities in Ivanti Endpoint Manager allow remote attackers to execute code and give them complete access to the device. CVE-2025-9872 and CVE-2025-9712 have a high impact on confidentiality, integrity and availability.

Description

Insufficient filename validation leads to remote code execution, but user interaction is required. The user must visit a malicious page or open a malicious file. The attacker can execute code in the context of the current user.

Recommended Actions

Patch

The Centre for Cybersecurity Belgium strongly recommends installing updates for vulnerable devices with the highest priority after thorough testing.

Monitor/Detect

The CCB recommends that organizations scale up monitoring and detection capabilities to identify any related suspicious activity, ensuring a swift response in case of an intrusion.

In case of an intrusion, you can report an incident via: https://ccb.belgium.be/report-incident.

While patching appliances or software to the newest version may provide safety from future exploitation, it does not remediate historic compromise.

References

Zero Day Initiative https://www.zerodayinitiative.com/advisories/ZDI-25-935/
NVD https://nvd.nist.gov/vuln/detail/CVE-2025-9872