Ivanti fixes EPMM zero-days chained in code execution attacks

Ivanti warned customers today to patch their Ivanti Endpoint Manager Mobile (EPMM) software against two security vulnerabilities chained in attacks to gain remote code execution. "Ivanti has released updates for Endpoint Manager Mobile (EPMM) which addresses one medium and one high severity vulnerability," the company said. "When chained together, successful exploitation could lead to unauthenticated remote code execution. We are aware of a very limited number of customers whose solution has been exploited at the time of disclosure." The first security flaw (CVE-2025-4427) is an authentication bypass in EPMM's API component, allowing attackers to access protected resources on vulnerable devices. The second (tracked as CVE-2025-4428) is a remote code execution vulnerability that allows threat actors to execute arbitrary code on targeted systems via maliciously crafted API requests. Ivanti says customers can mitigate the two zero-day flaws by installing Ivanti Endpoint Manager Mobile ... Read full article.