VDB
BDU%3A2025-05713
BDU%3A2025-05713
PUBLISHED
CVSS 9 CRITICAL
Уязвимость интерфейса приложения для управления жизненным циклом мобильных устройств и мобильных приложений Ivanti Endpoint Manager Mobile (EPMM) (ранее MobileIron Core), позволяющая нарушителю выполнить произвольный код
Risk Scores
CVSS 2.0
9
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ivanti | Ivanti Endpoint Manager Mobile |
Exploit Intelligence
- Ivanti EPMM Pre-Auth RCE Chain (github-poc)
- Ivanti EPMM Pre-Auth RCE Chain (github-poc)
- https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Endpoint-Manager-Mobile-EPMM (circl)
- https://profero.io/blog/ivanti-epmm-attacks (circl)
- https://www.cisa.gov/sites/default/files/csv/known_exploited_vulnerabilities.csv (circl)
- web_invanti_epmm_cve_2025_4427_and_cve_2025_4428.yml (github-poc)
- web_invanti_epmm_cve_2025_4427_and_cve_2025_4428.yml (github-poc)
- kev.json (github-poc)
- kev.json (github-poc)
- watchtowr.json (github-poc)
…and 3 more exploits
Timeline
- May 21, 2025 CVE Published
- May 28, 2025 CVE Updated