Security News > 2025 > May > Ivanti Patches EPMM Vulnerabilities Exploited for Remote Code Execution in Limited Attacks
2025-05-14 04:00
Ivanti has released security updates to address two security flaws in Endpoint Manager Mobile (EPMM) software that have been chained in attacks to gain remote code execution. The vulnerabilities in question are listed below - CVE-2025-4427 (CVSS score: 5.3) - An authentication bypass in Ivanti Endpoint Manager Mobile allowing attackers to access protected resources without proper credentials
News URL
https://thehackernews.com/2025/05/ivanti-patches-epmm-vulnerabilities.html
Related news
- Ivanti fixes EPMM zero-days chained in code execution attacks (source)
- ActiveX blocked by default in Microsoft 365 because remote code execution is bad, OK? (source)
- Hackers abuse Zoom remote control feature for crypto-theft attacks (source)
- DslogdRAT Malware Deployed via Ivanti ICS Zero-Day CVE-2025-0282 in Japan Attacks (source)
- More Ivanti attacks may be on horizon, say experts who are seeing 9x surge in endpoint scans (source)
- Airplay-enabled devices open to attack via “AirBorne” vulnerabilities (source)
- Ivanti EPMM vulnerabilities exploited in the wild (CVE-2025-4427, CVE-2025-4428) (source)
- Ivanti patches two zero-days under active attack as intel agency warns customers (source)
- Chinese Hackers Exploit Ivanti EPMM Bugs in Global Enterprise Network Attacks (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-05-13 | CVE-2025-4427 | Authentication Bypass Using an Alternate Path or Channel vulnerability in Ivanti Endpoint Manager Mobile An authentication bypass in the API component of Ivanti Endpoint Manager Mobile 12.5.0.0 and prior allows attackers to access protected resources without proper credentials via the API. | 7.5 |