CVE-2025-4427
Ivanti Endpoint Manager Mobile vulnerability analysis and mitigation

Overview

An authentication bypass vulnerability (CVE-2025-4427) was discovered in the API component of Ivanti Endpoint Manager Mobile (EPMM) 12.5.0.0 and prior versions. The vulnerability was reported by CERT-EU and disclosed on May 13, 2025. This security flaw affects the on-premises EPMM product, which is a mobile device management (MDM) and endpoint security solution for enterprises (Help Net Security, Tenable Blog).

Technical details

CVE-2025-4427 is an authentication bypass vulnerability with a CVSS v3.1 score of 5.3 (Medium). The flaw allows unauthenticated, remote attackers to access the server's application programming interface (API) that is normally only accessible to authenticated users. The vulnerability is associated with open-source libraries integrated into EPMM, though the specific libraries have not been disclosed (Tenable Blog, Hacker News).

Impact

The vulnerability allows attackers to reach protected resources through the API without valid credentials. The risk is significantly reduced for customers who filter access to the API using either the built-in Portal ACLs functionality or an external web application firewall. The vulnerability only affects the on-premises EPMM product and is not present in Ivanti Neurons for MDM (Ivanti's cloud-based unified endpoint management solution), Ivanti Sentry, or any other Ivanti products (Hacker News).

Mitigation and workarounds

Ivanti has released patches for the affected versions: 11.12.0.5, 12.3.0.2, 12.4.0.2, and 12.5.0.1. Organizations can reduce their exposure by implementing API filtering through either the built-in Portal ACLs functionality or an external web application firewall. Users are strongly advised to update their instances to the latest versions for optimal protection (Tenable Blog).
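As an added example (not Ivanti's tooling and not from the original report), the following Python check maps an installed on-premises EPMM version to the fixed build for its release branch, using only the patched versions listed above. Branches without a listed fix are treated as vulnerable; the handling of trains newer than 12.5 is an assumption, and the inventory is constructed sample data.

```python
# Added example: triage EPMM versions against the CVE-2025-4427 fixed builds.
# Fixed builds come from the advisory text; everything else here is assumed.
from typing import Dict, Optional, Tuple

FIXED_VERSIONS = ("11.12.0.5", "12.3.0.2", "12.4.0.2", "12.5.0.1")

def parse_version(text: str) -> Tuple[int, ...]:
    """Turn '12.5.0.0' into (12, 5, 0, 0); reject anything not four-part numeric."""
    parts = tuple(int(p) for p in text.strip().split("."))
    if len(parts) != 4:
        raise ValueError(f"expected four numeric components, got {text!r}")
    return parts

def fixed_version_for_branch(version: Tuple[int, ...]) -> Optional[Tuple[int, ...]]:
    """Return the fixed build on the same major.minor branch, or None when
    Ivanti listed no patch for that branch (e.g. older 11.x trains)."""
    for fixed in map(parse_version, FIXED_VERSIONS):
        if fixed[:2] == version[:2]:
            return fixed
    return None

def is_patched(text: str) -> bool:
    """True when the installed build is at or above its branch's fixed build.
    Assumption: a train newer than every listed fix (e.g. 12.6.x) already
    carries the fix; confirm that against Ivanti's advisory before relying on it."""
    version = parse_version(text)
    fixed = fixed_version_for_branch(version)
    if fixed is None:
        newest_fixed = max(map(parse_version, FIXED_VERSIONS))
        return version > newest_fixed  # unpatched older branch -> False
    return version >= fixed

def triage(inventory: Dict[str, str]) -> Dict[str, str]:
    """Map host -> 'patched' | 'VULNERABLE' | 'unknown' for an asset inventory."""
    result = {}
    for host, version in inventory.items():
        try:
            result[host] = "patched" if is_patched(version) else "VULNERABLE"
        except ValueError:
            result[host] = "unknown"  # garbage in the CMDB; verify by hand
    return result

if __name__ == "__main__":
    # Constructed sample inventory, not real hosts.
    sample = {"epmm-a": "12.5.0.0", "epmm-b": "12.5.0.1",
              "epmm-c": "11.11.0.3", "epmm-d": "12.4.0.2", "epmm-e": "n/a"}
    for host, status in triage(sample).items():
        print(f"{host}: {status}")
```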

Community reactions

The vulnerability has been flagged by CERT-EU, the cybersecurity service for the institutions, bodies, offices and agencies of the European Union, suggesting it likely affected some of these institutions. Ivanti is actively collaborating with security partners, the broader security community, and law enforcement regarding this vulnerability (Help Net Security).

This report was generated using AI.
