CVE-2025-4428

HIGH
2025-05-13 3c1d8aa1-5a33-4ea4-8992-aadd6440af75
7.2
CVSS 3.1
Share

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

3
Analysis Generated
Mar 28, 2026 - 18:41 vuln.today
Added to CISA KEV
Oct 24, 2025 - 13:55 cisa
CISA KEV
CVE Published
May 13, 2025 - 16:15 nvd
HIGH 7.2

Tags

RCE Code Injection Ivanti Endpoint Manager Mobile

Description

Remote Code Execution in API component in Ivanti Endpoint Manager Mobile 12.5.0.0 and prior on unspecified platforms allows authenticated attackers to execute arbitrary code via crafted API requests.

Analysis

Ivanti Endpoint Manager Mobile (EPMM) contains an authenticated code injection in the API component, allowing authenticated attackers to execute arbitrary code through crafted API requests.

Technical Context

The CWE-94 code injection in EPMM's API processes crafted requests that inject executable code into server-side operations. While requiring authentication, the API is accessible to any authenticated EPMM user.

Affected Products

['Ivanti EPMM 12.5.0.0 and prior']

Remediation

Apply Ivanti security updates. Restrict API access. Audit EPMM configurations for unauthorized changes. Monitor managed devices for suspicious profile installations.

Priority Score

131
Low Medium High Critical
KEV: +50
EPSS: +45.3
CVSS: +36
POC: 0

Share

CVE-2025-4428 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy