A critical vulnerability (CVE-2025-61932) affecting Motex Lanscope Endpoint Manager has been added to CISAβs KEV list due to active exploitation in the wild. Organizations using affected versions should prioritize patching to prevent arbitrary code execution. #MotexLanscope #CISAKEV
Keypoints
- The vulnerability impacts on-premises versions of Lanscope Endpoint Manager, specifically client and detection components.
- CVE-2025-61932 has a high severity score of 9.3 (CVSS v4), enabling attackers to execute arbitrary code.
- Exploitation involves sending specially crafted packets due to improper verification of communication sources.
- Several versions, including 9.3.2.7 to 9.4.7.3, have been patched to fix this vulnerability.
- FCEB agencies are advised to apply patches by November 12, 2025, amid ongoing active exploitation concerns.
Read More: https://thehackernews.com/2025/10/critical-lanscope-endpoint-manager-bug.html