Exploit for Authentication Bypass Using an Alternate Path or Channel in Ivanti Endpoint_Manager_Mobile

🗓️ 15 May 2025 13:59:39Reported by watchtowrlabsType

githubexploit

githubexploit🔗 github.com👁 399 Views

Detects Ivanti EPMM vulnerability for CVE-2025-4427 and CVE-2025-4428 Pre-Auth RCE chain.

Reporter	Title	Published	Views	Family All 71
GithubExploit	Exploit for Code Injection in Ivanti Endpoint_Manager_Mobile	16 May 202500:42	–	githubexploit
GithubExploit	Exploit for Authentication Bypass Using an Alternate Path or Channel in Ivanti Endpoint_Manager_Mobile	31 Aug 202519:00	–	githubexploit
ATTACKERKB	CVE-2025-4428	13 May 202500:00	–	attackerkb
ATTACKERKB	CVE-2025-4427	13 May 202500:00	–	attackerkb
Information Security Automation	June Linux Patch Wednesday	1 Jul 202511:28	–	avleonov
BDU FSTEC	The vulnerability of the application interface for managing the lifecycle of mobile devices and mobile applications in Ivanti Endpoint Manager Mobile (EPMM) – previously known as MobileIron Core – allows a malicious actor to circumvent security restrictions and gain unauthorized access to protected information.	28 May 202500:00	–	bdu_fstec
BDU FSTEC	The vulnerability of the application interface for managing the lifecycle of mobile devices and Ivanti Endpoint Manager Mobile (EPMM) (formerly MobileIron Core) allows a perpetrator to execute arbitrary code.	21 May 202500:00	–	bdu_fstec
Circl	CVE-2025-4427	13 May 202516:30	–	circl
Circl	CVE-2025-4428	13 May 202516:30	–	circl
CISA KEV Catalog	Ivanti Endpoint Manager Mobile (EPMM) Authentication Bypass Vulnerability	19 May 202500:00	–	cisa_kev

25 Jul 2025 12:16Current

8.7High risk

Vulners AI Score8.7

CVSS 3.17.2 - 8.8

EPSS0.99589

ivanti epmm vulnerability detection cve-2025-4427 cve-2025-4428 pre-auth rce artifact generator affected versions.