CVE-2025-7473
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-10-21

Last updated on: 2025-10-23

Assigner: ManageEngine

Description
Zohocorp ManageEngine EndPoint Central versionsΒ 11.4.2516.1 and prior are vulnerable to XML Injection.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-10-21
Last Modified
2025-10-23
Generated
2026-06-16
AI Q&A
2025-10-21
EPSS Evaluated
2026-06-15
NVD
CVE-2025-7473
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
zohocorp manageengine_endpoint_central to 11.4.2516.01 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-91 The product does not properly neutralize special elements that are used in XML, allowing attackers to modify the syntax, content, or commands of the XML before it is processed by an end system.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2025-7473 is a medium-severity XML Injection vulnerability in Zoho Corp ManageEngine EndPoint Central versions 11.4.2516.1 and earlier. It allows a non-admin user, by using a specially crafted XML file, to perform actions that are normally restricted to administrators. This means unauthorized privilege escalation through XML data parsing. [1]

Impact Analysis

This vulnerability can allow a non-admin user to execute administrative actions, potentially leading to unauthorized changes, data manipulation, or disruption of services within the Endpoint Central environment. It can compromise system integrity and availability. [1]

Detection Guidance

You can detect this vulnerability by logging into the ManageEngine Endpoint Central console and checking the build number of your installation. If the build number is 11.4.2516.1 or earlier, your system is vulnerable. There are no specific network or system commands provided to detect the XML Injection vulnerability directly. [1]

Mitigation Strategies

To mitigate this vulnerability, immediately update your ManageEngine Endpoint Central to build 11.4.2516.17 or later by downloading and applying the Patch Package Manager (PPM) from the official source. This patch fixes the XML Injection vulnerability. Additionally, verify your current build number in the Endpoint Central console to confirm the update. [1]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-7473. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart