Could 14, 2025Ravie LakshmananVulnerability / Endpoint Safety
Ivanti has launched safety updates to deal with two safety flaws in Endpoint Supervisor Cellular (EPMM) software program which were chained in assaults to realize distant code execution.
The vulnerabilities in query are listed beneath –
CVE-2025-4427 (CVSS rating: 5.3) – An authentication bypass in Ivanti Endpoint Supervisor Cellular permitting attackers to entry protected assets with out correct credentials
CVE-2025-4428 (CVSS rating: 7.2) – A distant code execution vulnerability in Ivanti Endpoint Supervisor Cellular permitting attackers to execute arbitrary code on the goal system
The failings affect the next variations of the product –
11.12.0.4 and prior (Fastened in 11.12.0.5)
12.3.0.1 and prior (Fastened in 12.3.0.2)
12.4.0.1 and prior (Fastened in 12.4.0.2)
12.5.0.0 and prior (Fastened in 12.5.0.1)
Ivanti, which credited CERT-EU for reporting the problems, stated it is “conscious of a really restricted variety of clients who’ve been exploited on the time of disclosure” and that the vulnerabilities are “related to two open-source libraries built-in into EPMM.”
The corporate, nevertheless, didn’t disclose the names of the impacted libraries. It is also not identified what different software program functions counting on the 2 libraries could possibly be affected. Moreover, the corporate stated it is nonetheless investigating the instances, and that it doesn’t have dependable indicators of compromise related to the malicious exercise.
“The chance to clients is considerably lowered in the event that they already filter entry to the API utilizing both the built-in Portal ACLs performance or an exterior net utility firewall,” Ivanti famous.
“The difficulty solely impacts the on-prem EPMM product. It’s not current in Ivanti Neurons for MDM, Ivanti’s cloud-based unified endpoint administration resolution, Ivanti Sentry, or every other Ivanti merchandise.”
Individually, Ivanti has additionally shipped patches to include an authentication bypass flaw in on-premise variations of Neurons for ITSM (CVE-2025-22462, CVSS rating: 9.8) that might enable a distant unauthenticated attacker to realize administrative entry to the system. There isn’t any proof that the safety defect has been exploited within the wild.
With zero-days in Ivanti home equipment turning into a lightning rod for menace actors lately, it is crucial that customers transfer shortly to replace their situations to the most recent variations for optimum safety.
Discovered this text attention-grabbing? Observe us on Twitter and LinkedIn to learn extra unique content material we put up.
