CVE-2025-4427

Authentication Bypass

CVSS 5.3 MEDIUM | EPSS 99.6% | KEV | CWE-288
In short

A security flaw in Ivanti Endpoint Manager Mobile allows attackers to access protected resources through the API without needing valid login credentials. This means unauthorized users could gain access to sensitive data or functions they shouldn't be able to reach.

Technical detail

An authentication bypass vulnerability in the API component of Ivanti Endpoint Manager Mobile 12.5.0.0 and earlier enables unauthenticated or inadequately authenticated access to protected resources. The vulnerability stems from insufficient credential validation in the API, allowing attackers to circumvent authentication controls and access sensitive functionality or data without proper authorization.

Summary generated and translated by AI from the official description.
An authentication bypass in the API component of Ivanti Endpoint Manager Mobile 12.5.0.0 and prior allows attackers to access protected resources without proper credentials via the API.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
