轉發 台灣電腦網路危機處理暨協調中心 資安訊息警訊 TWCERTCC-200-202512-00000004

[內容說明]
Ivanti旗下的Endpoint Manager(EPM)是一款專門針對裝置管理的系統，提供管理和保護Windows、macOS和Linux裝置。
【CVE-2025-10573，CVSS：9.6】 此為儲存型跨站腳本攻擊漏洞，允許遠端未經驗證的攻擊者在管理員工作階段中執行任意JavaScript程式碼。
【CVE-2025-13659，CVSS：8.8】 此為任意檔案寫入漏洞，因對動態管理的程式碼資源控制不當，使得遠端未經驗證的攻擊者能在伺服器上寫入任意檔案，並可能導致遠端程式碼執行。

[影響平台]
EPM 2024 SU4(含)之前版本

[建議措施]
請更新至以下版本： EPM 2024 SU4 SR1版本

Forwarded from Taiwan Computer Network Crisis Management and Coordination Center: Cybersecurity Alert TWCERTCC-200-202512-00000004

[Content Description] Ivanti's Endpoint Manager (EPM) is a system specifically designed for device management, providing management and protection for Windows, macOS, and Linux devices.

【CVE-2025-10573, CVSS: 9.6】 This is a stored cross-site scripting vulnerability, allowing an unauthenticated attacker to execute arbitrary JavaScript code during the administrator's workflow.

【CVE-2025-13659, CVSS: 8.8】 This is an arbitrary file write vulnerability. Due to improper control over dynamically managed code resources, an unauthenticated attacker can write arbitrary files to the server, potentially leading to remote code execution.

[Affected Platforms]
EPM 2024 SU4 and earlier versions

[Recommended Action]
Please update to the following version: EPM 2024 SU4 SR1