SOC Prime Reports Active Exploitation of Motex LANSCOPE Vulnerability CVE-2025-61932
Category:Vulnerability / Exploitation Reports
A critical flaw in Motex LANSCOPE Endpoint Manager (CVE-2025-61932) is under active exploitation according to SOC Prime. The vulnerability enables remote code execution through specially crafted network packets, already observed in live attacks across Japan-based organizations.
CORTEX Protocol Intelligence Assessment
Business Impact: Enterprises running on-premises Lanscope instances face critical exploitation risk. Technical Context: The vulnerability stems from insufficient channel verification in the Client Program and Detection Agent modules, allowing arbitrary code execution.
Strategic Intelligence Guidance
- Patch affected versions to 9.4.7.3 or later immediately
- Block suspicious UDP/TCP packets targeting Lanscope ports
- Implement enhanced anomaly detection for endpoint traffic
- Review JPCERT advisories for ongoing exploitation indicators
CVEs
Vendors
Targets
Intelligence Source: CVE-2025-61932 Exploitation: A New Critical Motex LANSCOPE Endpoint Manager Vulnerability | Oct 28, 2025