CVE-2024-13165

High

Published: 14 January 2025

Published

14 January 2025

Modified

11 July 2025

KEV Added

—

Patch

—

CVSS Score 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS Score 0.0153 81.4th percentile

Risk Priority 16 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2024-13165 is a high-severity Out-of-bounds Write (CWE-787) vulnerability in Ivanti Endpoint Manager. Its CVSS base score is 7.5 (High).

Operationally, ranked in the top 18.6% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-2 (Flaw Remediation) and SI-10 (Information Input Validation).

Threat & Defense at a Glance

What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

SI-2 Flaw Remediation good match

prevent

Directly mandates timely identification, reporting, and correction of software flaws such as the out-of-bounds write in Ivanti EPM via vendor security updates.

SI-10 Information Input Validation partial match

prevent

Requires validation of incoming information to block specially crafted requests that trigger the out-of-bounds write vulnerability.

SI-16 Memory Protection partial match

prevent

Implements memory protections to mitigate effects of out-of-bounds writes that could corrupt memory and cause denial-of-service crashes.

NVD Description

An out-of-bounds write in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to cause a denial of service.

Deeper analysisAI

CVE-2024-13165 is an out-of-bounds write vulnerability (CWE-787) affecting Ivanti Endpoint Manager (EPM) in versions prior to the January-2025 Security Update for EPM 2024 and the 2022 SU6 January-2025 Security Update. This flaw enables a remote unauthenticated attacker to trigger a denial of service condition. The vulnerability carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H), indicating high severity due to its network accessibility, low attack complexity, and potential for significant availability disruption without requiring privileges or user interaction.

A remote unauthenticated attacker can exploit this vulnerability over the network by sending specially crafted requests that cause an out-of-bounds write in the affected EPM components. Successful exploitation results in a denial of service, potentially crashing the service and disrupting endpoint management operations for affected environments.

Ivanti's security advisory recommends applying the January-2025 Security Update for EPM 2024 or the 2022 SU6 January-2025 Security Update to mitigate the vulnerability. Additional details are available in the official advisory at https://forums.ivanti.com/s/article/Security-Advisory-EPM-January-2025-for-EPM-2024-and-EPM-2022-SU6.

Details

CWE(s): CWE-787

Affected Products

ivanti

endpoint manager

2022, 2024 · ≤ 2022

CVEs Like This One

CVE-2024-13167Same product: Ivanti Endpoint Manager

CVE-2024-13166Same product: Ivanti Endpoint Manager

CVE-2024-13168Same product: Ivanti Endpoint Manager

CVE-2024-13170Same product: Ivanti Endpoint Manager

CVE-2025-13659Same product: Ivanti Endpoint Manager

CVE-2025-9713Same product: Ivanti Endpoint Manager

CVE-2024-13171Same product: Ivanti Endpoint Manager

CVE-2024-13160Same product: Ivanti Endpoint Manager

CVE-2025-9712Same product: Ivanti Endpoint Manager

CVE-2024-13158Same product: Ivanti Endpoint Manager

References

https://forums.ivanti.com/s/article/Security-Advisory-EPM-January-2025-for-EPM-2024-and-EPM-2022-SU6
Vendor Advisory · 3c1d8aa1-5a33-4ea4-8992-aadd6440af75