CVE-2025-22464 MEDIUM

CVE-2025-22464

Weakness CWE-822
Published April 8, 2025
Last update April 8, 2025

CVSS base score

6.1/10
Attack vector Local
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality None
Integrity Low

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H

What the vulnerability does

01Description

An untrusted pointer dereference vulnerability in Ivanti Endpoint Manager before version 2024 SU1 or before version 2022 SU7 allows an attacker with local access to write arbitrary data into memory causing a denial-of-service condition.

Key dates

02Disclosure timeline

April 8, 2025 CVE published
April 8, 2025 Record updated