Ivanti has issued security patches for its Endpoint Manager Mobile (EPMM) software to fix two critical vulnerabilities that can be exploited for remote code execution. Customers are urged to update to the latest versions to mitigate potential attacks, which have been observed in limited cases at the time of disclosure.
Affected: Ivanti Endpoint Manager Mobile (EPMM)
Keypoints
- Ivanti warns customers to patch EPMM software to fix two severe security vulnerabilities.
- The vulnerabilities include an authentication bypass (CVE-2025-4427) and a remote code execution flaw (CVE-2025-4428).
- Successful exploitation could allow attackers to gain unauthorized access and execute arbitrary code remotely.
- Users can mitigate these issues by updating to versions 11.12.0.5, 12.3.0.2, 12.4.0.2, or 12.5.0.1.
- Ivanti states the vulnerabilities are associated with open-source libraries and affect only on-premises EPMM products.
- Limited exploitation has been reported, and Ivanti is investigating ongoing attacks.
- Additional security updates address related vulnerabilities in Ivanti Neurons for ITSM and Cloud Services Appliance.