[CIVN-2025-0240] Remote Code Execution Vulnerability in Ivanti Endpoint Manager Mobile (EPMM)
Remote Code Execution Vulnerability in Ivanti Endpoint Manager Mobile (EPMM)
Indian Computer Emergency Response Team (https://www.cert-in.org.in)
Severity Rating: HIGH
Software Affected
Ivanti Endpoint Manager Mobile version 11.12.0.4 and prior
Ivanti Endpoint Manager Mobile version 12.3.0.1 and prior
Ivanti Endpoint Manager Mobile version 12.4.0.1 and prior
Ivanti Endpoint Manager Mobile version 12.5.0.0 and prior
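As an added example that is not part of this advisory or of Ivanti's own tooling, the following Python checks an inventory of deployed EPMM version strings against the four ceilings listed above. It assumes each ceiling applies only to its own major.minor branch (e.g. 12.4.x), treats "and prior" as any build at or below that ceiling, and uses a constructed host list.

```python
# Added example (not from the CERT-In advisory or from Ivanti): checks deployed
# Ivanti EPMM version strings against the "Software Affected" list above.
# Assumption: each listed ceiling covers only its own major.minor branch
# (e.g. 12.4.x), and "and prior" means any build at or below that ceiling.

# Ceilings copied from the advisory's "Software Affected" section.
AFFECTED_CEILINGS = ("11.12.0.4", "12.3.0.1", "12.4.0.1", "12.5.0.0")


def parse_version(text):
    """Turn '12.4.0.1' into (12, 4, 0, 1); reject anything non-numeric."""
    parts = text.strip().split(".")
    if not all(p.isdigit() for p in parts):
        raise ValueError(f"not a dotted numeric version: {text!r}")
    return tuple(int(p) for p in parts)


def assess(version):
    """Return 'affected', 'not affected' or 'unlisted branch' for one host."""
    v = parse_version(version)
    for ceiling_text in AFFECTED_CEILINGS:
        ceiling = parse_version(ceiling_text)
        if v[:2] != ceiling[:2]:
            continue  # different major.minor branch, try the next ceiling
        # Right-pad with zeros so '12.4' compares like '12.4.0.0'.
        width = max(len(v), len(ceiling))
        v_full = v + (0,) * (width - len(v))
        c_full = ceiling + (0,) * (width - len(ceiling))
        return "affected" if v_full <= c_full else "not affected"
    # Branch not named in the advisory (e.g. 12.2.x): report it, do not guess.
    return "unlisted branch"


# Constructed sample inventory, not real hosts.
SAMPLE_INVENTORY = {
    "epmm-prod-01": "12.4.0.1",
    "epmm-prod-02": "12.5.0.0",
    "epmm-lab-01": "12.3.0.2",
    "epmm-old-01": "12.2.0.0",
    "epmm-bad-01": "12.4.0.1-hotfix",
}


def triage(inventory):
    """Map each host to its assessment; bad version strings are reported, not skipped."""
    result = {}
    for host, ver in inventory.items():
        try:
            result[host] = assess(ver)
        except ValueError as exc:
            result[host] = f"error: {exc}"
    return result
```

Hosts reported as "unlisted branch" or "error" still need a manual check against the vendor advisory rather than being treated as clean.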
Overview
A vulnerability has been reported in Ivanti Endpoint Manager Mobile which could allow a remote attacker to execute arbitrary code on the targeted system.
Target Audience:
Individuals and end-user organisations using affected Ivanti Endpoint Manager Mobile.
Risk Assessment:
High risk of sensitive data disclosure and process disruptions.
Impact Assessment:
Potential for system compromise and service disruptions.
Description
Ivanti Endpoint Manager Mobile (Ivanti EPMM) is a Unified Endpoint Management (UEM) solution for securely managing and monitoring mobile devices, applications, and content across different operating systems.
This vulnerability exists in Ivanti Endpoint Manager Mobile due to improper input validation and unsafe handling of Java Expression Language (EL) expressions within certain API endpoints. A remote attacker could exploit this vulnerability by sending specially crafted API requests.
Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the targeted system.
Note: This vulnerability (CVE-2025-4428) is being exploited in the wild. Users are advised to apply patches urgently.
Solution
Apply appropriate updates as released by Ivanti to affected products:
https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Endpoint-Manager-Mobile-EPMM?language=en_US
Vendor Information
Ivanti
https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Endpoint-Manager-Mobile-EPMM?language=en_US
References
Ivanti
https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Endpoint-Manager-Mobile-EPMM?language=en_US
CVE Name
CVE-2025-4428
--
Thanks and Regards,
CERT-In
Incident Response Help Desk
e-mail: incident@cert-in.org.in
Phone: +91-11-22902657
Toll Free Number: 1800-11-4949
Toll Free Fax: 1800-11-6969
Web: http://www.cert-in.org.in
PGP Fingerprint: A768 083E 4475 5725 B81A A379 2156 C0C0 B620 D0B4
PGP Key information:
https://www.cert-in.org.in/s2cMainServlet?pageid=CONTACTUS
Postal address:
Indian Computer Emergency Response Team (CERT-In)
Ministry of Electronics and Information Technology
Government of India
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003