Ethical Hacking News
Ivanti has addressed two Endpoint Manager Mobile vulnerabilities that were exploited in limited attacks, highlighting the importance of software security and timely patching for organizations.
Ivanti has addressed two vulnerabilities in its Endpoint Manager Mobile (EPMM) software. The vulnerabilities, CVE-2025-4427 and CVE-2025-4428, can be chained together to achieve remote code execution without authentication. Two security updates have been released for affected EPMM software versions. The impact of the vulnerabilities is significant, allowing potential unauthorized access to sensitive data or disrupting operations.
Ivanti, a leading provider of endpoint management solutions, has recently addressed two vulnerabilities in its Endpoint Manager Mobile (EPMM) software that have been exploited by threat actors in limited attacks. The company confirmed that the two vulnerabilities, tracked as CVE-2025-4427 and CVE-2025-4428, were chained together to achieve remote code execution without authentication.
According to Ivanti's advisory, the first vulnerability, CVE-2025-4427, is classified as a medium-severity authentication bypass. This allows attackers to access protected resources on the EPMM system without proper credentials. The second vulnerability, CVE-2025-4428, is classified as a high-severity remote code execution vulnerability that enables attackers to execute arbitrary code on the target system.
CERT-EU reported both vulnerabilities to Ivanti, prompting the company to release security updates for EPMM software versions 11.12.0.4 and prior. The updated versions are 11.12.0.5, 12.3.0.2, 12.4.0.2, and 12.5.0.1.
The impact of the vulnerabilities is significant, as they can be chained together to achieve unauthenticated remote code execution on the EPMM system. This could potentially allow attackers to gain unauthorized access to sensitive data or disrupt the operations of the affected organization.
Ivanti has stated that it is aware of a limited number of customers whose solutions have been exploited at the time of disclosure. The company has released the security updates through its Download Portal, which can be accessed by EPMM users who want to ensure their systems are protected against these vulnerabilities.
The incident highlights the importance of keeping software up to date and implementing robust security measures to prevent exploitation of vulnerabilities. It also serves as a reminder that even limited attacks can have significant consequences if left unchecked.
In related news, Ivanti has confirmed that it is still investigating the attacks and does not have "reliable atomic indicators" at this time. The company will continue to monitor the situation and provide updates as necessary.
The incident is also part of a larger trend in cybersecurity, where threat actors are increasingly targeting endpoint management software to gain access to sensitive data or disrupt operations. As such, it is essential for organizations to stay vigilant and take proactive measures to protect themselves against these types of attacks.
In conclusion, Ivanti's recent fixes for the EPMM vulnerabilities highlight the importance of software security and the need for organizations to prioritize vulnerability patching and incident response. By staying informed and taking proactive steps to secure their systems, organizations can minimize the risk of exploitation by threat actors.
Related Information:
https://www.ethicalhackingnews.com/articles/Ivanti-Addresses-Two-Endpoint-Manager-Mobile-Vulnerabilities-Exploited-in-Limited-Attacks-ehn.shtml
https://securityaffairs.com/177846/uncategorized/ivanti-fixed-two-epmm-flaws-exploited-in-limited-attacks.html
https://thehackernews.com/2025/05/ivanti-patches-epmm-vulnerabilities.html
https://www.bleepingcomputer.com/news/security/ivanti-fixes-epmm-zero-days-chained-in-code-execution-attacks/
https://nvd.nist.gov/vuln/detail/CVE-2025-4427
https://www.cvedetails.com/cve/CVE-2025-4427/
https://nvd.nist.gov/vuln/detail/CVE-2025-4428
https://www.cvedetails.com/cve/CVE-2025-4428/
Published: Wed May 14 14:54:25 2025 by llama3.2 3B Q4_K_M