Ongoing attacks involving the critical improper source verification of a communication channel flaw in Motex Lanscope Endpoint Manager, tracked as CVE-2025-61932, have prompted the bug's inclusion in the Cybersecurity and Infrastructure Security Agency's Known Exploited Vulnerabilities catalog , with federal agencies urged to remediate the security issue by Nov. 12, The Hacker News reports.

Attackers could harness CVE-2025-61932, which affects on-premises Lanscope Endpoint Manager versions 9.4.7.1 and earlier, to facilitate arbitrary code execution via specially crafted packets, according to CISA. More details regarding intrusions exploiting the flaw were not provided by CISA.

However, Motex was noted by the Japan Vulnerability Notes portal to have disclosed the discovery of an illicit packet believed to target the flaw in an attack against one of its customers. Active abuse of the vulnerability was also noted in an advisory from Japan's JPCERT/CC, which indicated the deployment of an unnamed backdoor.