The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical security flaw that affects Motex Lanscope Endpoint Manager to its Known Exploited Vulnerabilities (KEV) catalog and confirmed that attackers are already exploiting it in the wild.
The vulnerability, CVE-2025-61932 (CVSS v4 score: 9.3), targets on-premises versions of Lanscope Endpoint Manager, specifically the Client program and Detection Agent. This flaw enables attackers to execute arbitrary code on vulnerable systems, creating a serious security threat.
CISA explained, “Motex LANSCOPE Endpoint Manager contains an improper verification of source of a communication channel vulnerability, allowing an attacker to execute arbitrary code by sending specially crafted packets.”
The flaw affects versions 9.4.7.1 and earlier, but Motex has resolved the issue in the following updates:
- 9.3.2.7
- 9.3.3.9
- 9.4.0.5
- 9.4.1.5
- 9.4.2.6
- 9.4.3.8
- 9.4.4.6
- 9.4.5.4
- 9.4.6.3, and
- 9.4.7.3
At this time, security experts do not yet know how attackers are exploiting the vulnerability, who is responsible, or the scale of the attacks. However, a recent alert from the Japan Vulnerability Notes (JVN) portal revealed that Motex confirmed an unnamed customer “received a malicious packet suspected to target this vulnerability.”
Given the ongoing exploitation, the Federal Civilian Executive Branch (FCEB) agencies must remediate CVE-2025-61932 by November 12, 2025, to protect their networks and reduce exposure to active threats.
Source: TheHackerNews
Read more at Impreza News
