CVE-2025-4428

CVE Database · CVE-2025-4428

CVE-2025-4428

· HIGHAnalyzed

CVSS v3.1

7.2

EPSS

86.92%

Published

May 13, 2025

Modified

Oct 24, 2025

CISA Known Exploited Vulnerability

Added: 2025-05-19 · Due: 2025-06-09

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Public PoC / Exploit (2)

All weaponized →

TrickestTrickest PoC index GitHub PoCxie-22/CVE-2025-4428★4

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Remote Code Execution in API component in Ivanti Endpoint Manager Mobile 12.5.0.0 and prior on unspecified platforms allows authenticated attackers to execute arbitrary code via crafted API requests.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Weaknesses (CWE)

CWE-94

Affected Products (4)

ivanti · endpoint_manager_mobile (up to 11.12.0.5)vulnerable

ivanti · endpoint_manager_mobile (up to 12.3.0.2)vulnerable

ivanti · endpoint_manager_mobile (up to 12.4.0.2)vulnerable

ivanti · endpoint_manager_mobilevulnerable

References (2)

https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Endpoint-Manager-Mobile-EPMM

Vendor Advisory

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-4428

US Government Resource

KEV Catalog EPSS Scores Vendors All CVEs