ZDI Drops 13 Unpatched Ivanti Endpoint Manager Vulnerabilities


Trend Micro’s Zero Day Initiative (ZDI) this week published 13 advisories describing unpatched vulnerabilities in Ivanti Endpoint Manager.

One of the flaws allows local attackers to elevate their privileges and was reported to Ivanti in November 2024. The remaining 12 lead to remote code execution (RCE) and were reported in June 2025.

While the vulnerabilities are technically not zero-days, ZDI flags all of the unpatched flaws it discloses as ‘0day’. ZDI’s advisories name the vulnerable component and provide a general description of the root cause, but do not contain any other technical details.

No CVE identifier has been issued for these vulnerabilities, but ZDI notes that all of them are high-severity defects. The most severe of them has a CVSS score of 8.8, one has a CVSS score of 7.8, while the remaining 11 have CVSS scores of 7.2.

According to ZDI, the local privilege ...


Copyright of this story solely belongs to securityweek.