CVE-2025-4428 - Ivanti Endpoint Manager Mobile (EPMM) Code Injection Vulnerability

Vulnerability Name

Ivanti Endpoint Manager Mobile (EPMM) Code Injection Vulnerability

Description

Ivanti Endpoint Manager Mobile (EPMM) contains a code injection vulnerability in the API component that allows an authenticated attacker to remotely execute arbitrary code via crafted API requests. This vulnerability results from an insecure implementation of the Hibernate Validator open-source library.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Additional Notes

https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Endpoint-Manager-Mobile-EPMM

https://nvd.nist.gov/vuln/detail/CVE-2025-4428

Related News Articles

Ivanti EPMM flaw exploited by Chinese hackers to breach govt agenciesMay 22, 2025

Chinese Hackers Exploit Ivanti EPMM Bugs in Global Enterprise Network AttacksMay 22, 2025