CVE-2025-11248
Unknown Unknown - Not Provided

BaseFortify

Vulnerability report for CVE-2025-11248, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2025-10-27

Last updated on: 2025-10-28

Assigner: ManageEngine

Description

ZohoCorp ManageEngine Endpoint Central versions prior to 11.4.2528.05 are vulnerable to a sensitive information logging issue. An authenticated user with access to the logs could potentially obtain the sensitive agent token.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2025-10-27
Last Modified
2025-10-28
Generated
2026-07-06
AI Q&A
2025-10-27
EPSS Evaluated
2026-07-05
NVD
EUVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
zohocorp manageengine_endpoint_central to 11.4.2528.05 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-532 The product writes sensitive information to a log file.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability in ZohoCorp ManageEngine Endpoint Central versions prior to 11.4.2528.05 involves a sensitive information logging issue where an authenticated user with access to logs could potentially obtain the sensitive agent token. Additionally, there was a risk that such a user could replay valid requests due to insufficient validation in the log handling mechanism. The issue was addressed by improving log validation to prevent replay attacks. [1]

Impact Analysis

If exploited, an authenticated user with access to logs could obtain sensitive agent tokens and potentially replay valid requests, which might allow unauthorized actions or access within the system. Although no actual misuse has been reported, this could lead to unauthorized access or manipulation of the Endpoint Central agent's operations. [1]

Detection Guidance

This vulnerability can be detected by verifying the version of the ManageEngine Endpoint Central agent installed on your system. Specifically, check if the build number is prior to 11.4.2528.05. Since the issue involves sensitive information being logged, reviewing the logs for exposure of sensitive agent tokens by an authenticated user with log access may also help. However, no specific detection commands are provided in the available resources. [1]

Mitigation Strategies

To mitigate this vulnerability, immediately upgrade your ManageEngine Endpoint Central agent to build 11.4.2528.05 or later. This involves logging into the Endpoint Central console, checking the current build number, downloading the latest Patch Package Manager (PPM) for your build, and applying the update. If further assistance is needed, contact ManageEngine support at [email protected]. [1]

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-11248. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart