Tracked as CVE-2025-61932, the flaw impacts both the Client Program (MR) and the Detection Agent (DA) in version 9.4.7.1 and earlier.
Real-world exploit attempts have already been observed, making prompt patching imperative.
Security researchers found that specially crafted network packets sent to computers running the vulnerable on-premise software trigger a severe error in the MR client and DA detection agent.
This error bypasses all user interaction requirements no clicks or email openings are needed granting attackers direct, high-privilege code execution on target machines.
Evidence indicates that malicious packets exploiting this weakness have been delivered to customer networks in live environments.
Only the On-Premise Edition of LANSCOPE Endpoint Manager is affected; the Cloud Edition remains unaffected.
Both core components, Client Program (MR) and Detection Agent (DA), in version 9.4.7.1 and earlier, contain the vulnerability.
Organizations using the on-premise solution face an immediate risk until they apply the update.
A security update addressing this issue is now available on the official LANSCOPE support portal.
Because the vulnerability resides entirely in client-side software, every endpoint running the on-premise edition must be updated.
The patch uses the same procedure as a regular software upgrade for the MR client and DA agent; no manager console upgrade is required.
Administrators should schedule an immediate rollout of the patch and monitor networks for any unusual incoming packets targeting these agents.
| CVE ID | Product | CVSS 3.0 Score |
|---|---|---|
| CVE-2025-61932 | LANSCOPE Endpoint Manager On-Premise Edition | 9.8 |
Ensure all on-premise client PCs are updated without delay to eliminate the exploitation window presented by this severe flaw.
Cyber Awareness Month Offer: Upskill With 100+ Premium Cybersecurity Courses From EHA's Diamond Membership: Join Today
The post LANSCOPE Endpoint Manager Vulnerability Allows Attackers to Execute Remote Code appeared first on Cyber Security News.
In a major escalation of supply chain attacks, the GlassWorm malware campaign has evolved to…
A single shot protected mice from the protein gunk implicated in Alzheimer’s disease. Alzheimer’s disease…
If you have an interest in video and movie making then you are going to…
If you want to become a DJ or love mixing sounds then this music mixer…
If you are into brands and love solving quizzes then this logo quiz is an…
Artificial intelligence is increasingly positioned as a key enabler of renewable energy adoption. From wind…
This website uses cookies.