LANSCOPE Endpoint Manager Vulnerability Let Attackers Execute Remote Code

Motex has disclosed a severe remote code execution vulnerability in its LANSCOPE Endpoint Manager On-Premise Edition. Assigned CVE-2025-61932, the flaw carries a CVSS 3.0 score of 9.8, classifying it as an emergency-level threat.

This vulnerability could allow attackers to execute arbitrary code on affected systems, potentially leading to full compromise of endpoint devices.

The issue resides in the product’s Client Program (MR) and Detection Agent (DA), components responsible for managing and monitoring endpoint security.

According to Motex’s announcement, versions up to 9.4.7.1 are vulnerable. Importantly, the cloud-based edition remains unaffected, sparing users of the SaaS version from immediate risk.

However, the on-premise deployment, popular among organizations seeking greater control over their IT environments, now faces urgent scrutiny.

LANSCOPE Endpoint Manager Vulnerability

What elevates the alarm is evidence of active exploitation. Motex reports confirmed instances where customers’ environments received malicious packets from external sources.

Attackers appear to target the client-side programs remotely, exploiting weaknesses that bypass typical network defenses.

Security researchers speculate that this could stem from improper input validation in the detection and management protocols, though full technical details await independent analysis.

This vulnerability underscores broader risks in endpoint management tools, which often run with elevated privileges. Once exploited, adversaries could deploy malware, steal sensitive data, or pivot deeper into corporate networks.

Given the high CVSS score driven by its network accessibility, low complexity, and lack of privileges or user interaction required organizations using affected versions should prioritize remediation.

Motex has promptly released a fix, accessible via their customer support portal, LANSCOPE PORTAL. The update targets client PCs exclusively; the central manager does not require upgrading.

Deployment follows standard procedures, making it straightforward for IT teams to roll out across endpoints. As of August 2025, when the advisory was issued, no widespread breaches have been publicly linked to this CVE, but the confirmed malicious activity signals potential for rapid escalation.

Cybersecurity experts urge immediate patching to mitigate risks, especially in hybrid work setups where endpoints connect remotely.

Follow us on Google News, LinkedIn, and X for daily cybersecurity updates. Contact us to feature your stories.

The post LANSCOPE Endpoint Manager Vulnerability Let Attackers Execute Remote Code appeared first on Cyber Security News.