Vulnerabilities > Ivanti > Endpoint Manager Mobile > 12.5.0.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-05-13 | CVE-2025-4427 | Authentication Bypass Using an Alternate Path or Channel vulnerability in Ivanti Endpoint Manager Mobile An authentication bypass in the API component of Ivanti Endpoint Manager Mobile 12.5.0.0 and prior allows attackers to access protected resources without proper credentials via the API. | 7.5 |
| 2025-05-13 | CVE-2025-4428 | Code Injection vulnerability in Ivanti Endpoint Manager Mobile Remote Code Execution in API component in Ivanti Endpoint Manager Mobile 12.5.0.0 and prior on unspecified platforms allows authenticated attackers to execute arbitrary code via crafted API requests. | 8.8 |