High Threat Security Alert (A25-05-13): Multiple Vulnerabilities in Ivanti Endpoint Manager Mobile


 

Published on: 16 May 2025

  
  

Description:

Ivanti has released security advisory to address multiple vulnerabilities in Ivanti Endpoint Manager Mobile. Detailed information about the vulnerabilities can be found at:
https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Endpoint-Manager-Mobile-EPMM

Reports indicated that multiple vulnerabilities (CVE-2025-4427 and CVE-2025-4428) in Ivanti Endpoint Manager Mobile (EPMM) are being exploited in the wild. System administrators are advised to take immediate actions to patch your affected systems to mitigate the elevated risk of cyber attacks.

 

Affected Systems:

  • Ivanti Endpoint Manager Mobile (EPMM) versions prior to 12.5.0.1, 12.4.0.2, 12.3.0.2, and 11.12.0.5

For detailed information of the affected systems, please refer to the corresponding security advisory at vendor's website.

 

Impact:

Successful exploitation of the vulnerabilities could lead to remote code execution or security restriction bypass on an affected system.

 

Recommendation:

Patches for affected systems are available. System administrators of affected systems should follow the recommendations provided by the vendor and take immediate actions to mitigate the risk.

 

More Information:

  • https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Endpoint-Manager-Mobile-EPMM
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4427
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4428


Tag: Ivanti , Ivanti Endpoint Manager Mobile
Tags