CVE-2025-4427

CVE Database · CVE-2025-4427

CVE-2025-4427

· MEDIUMAnalyzed

CVSS v3.1

5.3

EPSS

99.57%

Published

May 13, 2025

Modified

Oct 24, 2025

CISA Known Exploited Vulnerability

Added: 2025-05-19 · Due: 2025-06-09

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Public PoC / Exploit (5)

All weaponized →

Exploit-DBIvanti Endpoint Manager Mobile 12.5.0.0 - Authentication Bypass NucleiNuclei detection template TrickestTrickest PoC index GitHub PoCwatchtowrlabs/watchTowr-vs-Ivanti-EPMM-CVE-2025-4427-CVE-2025-4428★11 GitHub PoCrxerium/CVE-2025-4427-CVE-2025-4428★0

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

An authentication bypass in the API component of Ivanti Endpoint Manager Mobile 12.5.0.0 and prior allows attackers to access protected resources without proper credentials via the API.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Weaknesses (CWE)

CWE-288

Affected Products (4)

ivanti · endpoint_manager_mobile (up to 11.12.0.5)vulnerable

ivanti · endpoint_manager_mobile (up to 12.3.0.2)vulnerable

ivanti · endpoint_manager_mobile (up to 12.4.0.2)vulnerable

ivanti · endpoint_manager_mobilevulnerable

References (2)

https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Endpoint-Manager-Mobile-EPMM

Vendor Advisory

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-4427

US Government Resource

KEV Catalog EPSS Scores Vendors All CVEs