Ivanti has released updates for Endpoint Manager Mobile (EPMM) that address one medium and one high-severity vulnerability. When chained together, these vulnerabilities can enable unauthenticated remote code execution (RCE). Review the details in this Cybersecurity Threat Advisory for information on mitigating these risks.
What is the threat?
CVE-2025-4427 (CVSS score: 5.3) and CVE-2025-4428 (CVSS score: 7.2) are the latest vulnerabilities found in Ivanti EPMM. CVE-2025-4427 enables attackers to bypass authentication and access protected resources without valid credentials. CVE-2025-4428 permits attackers to execute arbitrary code remotely on a targeted system.
The vulnerabilities affect the following versions of Ivanti EPMM:
- 11.12.0.4 and earlier — fixed in 11.12.0.5
- 12.3.0.1 and earlier — fixed in 12.3.0.2
- 12.4.0.1 and earlier — fixed in 12.4.0.2
- 12.5.0.0 and earlier — fixed in 12.5.0.1
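One way to triage an EPMM inventory against the version list above, as an added example that is not part of the original advisory or any Ivanti tooling. The hostnames and sample versions are constructed; treating a later build on the same release branch as patched, and a version on an older branch the advisory does not name as affected, are assumptions.

```python
# Added example: triage EPMM versions against the advisory's fixed releases.
# First fixed build per release branch, copied from the advisory's list.
FIXED = ["11.12.0.5", "12.3.0.2", "12.4.0.2", "12.5.0.1"]

def parse(version):
    """Turn '12.4.0.1' into (12, 4, 0, 1); reject anything else."""
    parts = version.strip().split(".")
    if len(parts) != 4 or not all(p.isdigit() for p in parts):
        raise ValueError(f"not a four-part EPMM version: {version!r}")
    return tuple(int(p) for p in parts)

def triage(version):
    """Return (status, upgrade_target) for one installed version."""
    v = parse(version)
    fixes = sorted(parse(f) for f in FIXED)
    # Assumption: a build on the same release branch (first three
    # components) at or above the fixed build carries the fix.
    for fixed in fixes:
        if v[:3] == fixed[:3] and v >= fixed:
            return ("patched", None)
    # Anything else below a fixed build falls under an "X and earlier"
    # range, including older branches the advisory does not name.
    for fixed in fixes:
        if v < fixed:
            return ("vulnerable", ".".join(map(str, fixed)))
    return ("not listed", None)  # newer than every version in the advisory

def triage_inventory(inventory):
    """Map hostname -> triage result; bad version strings need manual review."""
    report = {}
    for host, version in inventory.items():
        try:
            report[host] = triage(version)
        except ValueError:
            report[host] = ("unknown", None)
    return report

# Constructed sample inventory (hostnames and versions are illustrative).
SAMPLE = {
    "epmm-a": "11.12.0.4", "epmm-b": "12.4.0.2", "epmm-c": "12.1.0.3",
    "epmm-d": "12.5.0.0", "epmm-e": "12.5", "epmm-f": "12.6.0.0",
}

if __name__ == "__main__":
    for host, (status, target) in triage_inventory(SAMPLE).items():
        print(f"{host}: {status}" + (f" -> upgrade to {target}" if target else ""))
```

Hosts reported as "unknown" or "not listed" should be checked by hand against Ivanti's own advisory rather than assumed safe.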
Why is it noteworthy?
These vulnerabilities can have a serious impact when exploited. The ability to execute code remotely without authentication is particularly severe, enabling attackers to compromise data integrity, confidentiality, and availability. This makes the flaws highly attractive to cybercriminals.
What is the exposure or risk?
Organizations using Ivanti EPMM are at significant risk if they do not address these vulnerabilities. The exposure includes:
- Data breach: Attackers could gain access to sensitive corporate data, leading to potential data breaches and compliance violations.
- Operational disruption: Exploiting these vulnerabilities could disrupt business operations, leading to downtime and loss of productivity.
- Reputation damage: A successful attack could damage an organization’s reputation, eroding customer trust and confidence.
The risk is compounded by the fact that these vulnerabilities are being actively exploited, making immediate remediation essential.
What are the recommendations?
Barracuda recommends the following actions to mitigate the risks associated with these vulnerabilities:
- Apply the latest patches provided by Ivanti for EPMM to address these vulnerabilities promptly.
- Implement monitoring for any unusual activity that may indicate exploitation attempts.
- Ensure security policies are updated to reflect the new threat landscape and access controls are enforced rigorously.
- Conduct training sessions for IT staff and end-users on recognizing potential security threats and the importance of software updates.
Reference
For more in-depth information about the recommendations, please visit the following link:
If you have any questions about this Cybersecurity Threat Advisory, don’t hesitate to get in touch with Barracuda Managed XDR’s Security Operations Center.