Cybersecurity authorities warn of the exploitation of a critical vulnerability, CVE-2025-61932, in Motex Lanscope Endpoint Manager, leading to remote code execution risks. Urgent updates are required as some organizations are already experiencing malicious activity, with exploitation reported in Japan and beyond. #CISA #MotexLanscope #CVE-2025-61932
Keypoints
- The vulnerability CVE-2025-61932 affects Motex Lanscope Endpoint Manager versions 9.4.7.2 and earlier.
- Exploitation involves sending specially crafted packets due to improper request verification.
- Motex recommends updating to versions 9.3.2.7, 9.4.3.8, 9.4.4.6, or later to fix the flaw.
- There are no workarounds; installation of the latest update is the only solution.
- Active exploitation has been observed in Japan, impacting some major organizations and prompting government alerts.