Security News > 2025 > May > Chinese cyber spies are using Ivanti EPMM flaws to breach EU, US organizations

Chinese cyber spies are using Ivanti EPMM flaws to breach EU, US organizations
2025-05-23 14:13

CVE-2025-4427 and CVE-2025-4428 – the two Ivanti Endpoint Manager Mobile (EPMM) vulnerabilities that have been exploited in the wild as zero-days and patched by Ivanti last week – are being leveraged by a Chinese cyber espionage group that has been exploiting zero-days in edge network appliances since at least 2023, EcleticIQ researchers have shared. Among the entities targeted in this campaign were: a local government authority and healthcare organizations in the UK; a research institute, … More → The post Chinese cyber spies are using Ivanti EPMM flaws to breach EU, US organizations appeared first on Help Net Security.


News URL

https://www.helpnetsecurity.com/2025/05/23/chinese-cyber-spies-are-using-ivanti-epmm-flaws-to-breach-eu-us-organizations/

Related news

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2025-05-13 CVE-2025-4428 Code Injection vulnerability in Ivanti Endpoint Manager Mobile 12.5.0.0
Remote Code Execution in API component in Ivanti Endpoint Manager Mobile 12.5.0.0 and prior on unspecified platforms allows authenticated attackers to execute arbitrary code via crafted API requests.
network
low complexity
ivanti CWE-94
8.8
8.8
2025-05-13 CVE-2025-4427 Authentication Bypass Using an Alternate Path or Channel vulnerability in Ivanti Endpoint Manager Mobile 12.5.0.0
An authentication bypass in the API component of Ivanti Endpoint Manager Mobile 12.5.0.0 and prior allows attackers to access protected resources without proper credentials via the API.
network
low complexity
ivanti CWE-288
7.5
7.5

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Ivanti 29 1 62 215 85 363