CVE-2025-4427 - Ivanti Endpoint Manager Mobile (EPMM) Authentication Bypass Vulnerability
Project:Ivanti
Product:Endpoint Manager Mobile (EPMM)
Date Added:2025-05-19Due Date:2025-06-09
Vulnerability Name
Ivanti Endpoint Manager Mobile (EPMM) Authentication Bypass Vulnerability
Description
Ivanti Endpoint Manager Mobile (EPMM) contains an authentication bypass vulnerability in the API component that allows an attacker to access protected resources without proper credentials via crafted API requests. This vulnerability results from an insecure implementation of the Spring Framework open-source library.
Known To Be Used in Ransomware Campaigns?
Unknown
Action
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Additional Notes
https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Endpoint-Manager-Mobile-EPMM
https://nvd.nist.gov/vuln/detail/CVE-2025-4427
Related News Articles
CISA exposes malware kits deployed in Ivanti EPMM attacksSeptember 19, 2025
CISA Warns of Two Malware Strains Exploiting Ivanti EPMM CVE-2025-4427 and CVE-2025-4428September 19, 2025
Ivanti EPMM flaw exploited by Chinese hackers to breach govt agenciesMay 22, 2025
Chinese Hackers Exploit Ivanti EPMM Bugs in Global Enterprise Network AttacksMay 22, 2025