CVE-2025-4428
CVSS Score
V3.1Attack Vector Metrics
Impact Metrics
Description
Remote Code Execution in API component in Ivanti Endpoint Manager Mobile 12.5.0.0 and prior on unspecified platforms allows authenticated attackers to execute arbitrary code via crafted API requests.
Available Exploits
Related News
CVE-2025-4427 and CVE-2025-4428 – the two Ivanti Endpoint Manager Mobile (EPMM) vulnerabilities that have been exploited in the wild as zero-days and patched by Ivanti last week – are being leveraged by a Chinese cyber espionage group that has been exploiting…
A newly discovered zero-day vulnerability in Ivanti Endpoint Manager Mobile (EPMM) — CVE-2025-4428 — is being actively exploited The post Ivanti EPMM Under Attack: Zero-Day RCE Exploited by China-Linked Group UNC5221 appeared first on Daily CyberSecurity.
CISA has added six new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2025-4427 Ivanti Endpoint Manager Mobile (EPMM) Authentication Bypass Vulnerability CVE-2025-4428 Ivanti En…
Ivanti EPMM users urgently need to patch against actively exploited 0day vulnerabilities (CVE-2025-4427, CVE-2025-4428) that enable pre-authenticated remote…
Remote code execution vulnerability in a popular mobile device management solution from Ivanti has been exploited in the wild in limited attacksBackgroundOn May 13, Ivanti released a security advisory to address a high severity remote code execution (RCE) a…
Affected Products
Affected Versions:
Known Exploited Vulnerability
This vulnerability is actively being exploited in the wild
Remediation Status
Due Date
Added to KEV
Required Action
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.