VDB

CISA-2025-6771

CISA-2025-6771 PUBLISHED CVSS 7.2 HIGH

Reported by ivanti · Published July 8, 2025

OS command injection in Ivanti Endpoint Manager Mobile (EPMM) before version 12.5.0.2,12.4.0.3 and 12.3.0.3 allows a remote authenticated attacker with high privileges to achieve remote code execution

Risk Scores

CVSS 3.1
7.2
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Affected Products

VendorProductVersions
IvantiEndpoint Manager Mobile12.5.0.2, 12.4.0.3, 12.3.0.3
IvantiEndpoint Manager Mobile12.4.0.3, 12.3.0.3, 12.5.0.2

Timeline

  • Jul 8, 2025 CVE Published
  • Jul 9, 2025 CVE Updated

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›