How to find Ivanti Endpoint Manager installations on your network

Zero Day Initiative disclosed thirteen unpatched vulnerabilities (plus a patched fourteenth) in Ivanti Endpoint Manager, including unauthenticated remote code execution (RCE) via path traversal and arbitrary file upload (CVSS 8.8), multiple SQL injection flaws allowing RCE in the service context (CVSS 7.2), and an insecure deserialization leading to SYSTEM privilege escalation (CVSS 7.8). Some fixes are available for specific releases (CVE-2025-9712 / CVE-2025-9872), but many issues remain unpatched; the advisory urges upgrading affected EPM versions or restricting network exposure and provides detection guidance for identifying vulnerable assets.