An authentication bypass in the API component of Ivanti Endpoint Manager Mobile 12.5.0.0 and prior allows attackers to access protected resources without proper credentials via the API.
Published: 2025-05-13
Remote code execution vulnerability in a popular mobile device management solution from Ivanti has been exploited in the wild in limited attacks
https://www.infosecurity-magazine.com/news/ivanti-vulnerability-exploit-could/
https://cyberscoop.com/ivanti-epmm-defects-exploited/
https://socprime.com/blog/detect-badsuccessor-attacks/
https://www.theregister.com/2025/05/23/ivanti_chinese_spies_attack/
https://thehackernews.com/2025/05/chinese-hackers-exploit-ivanti-epmm.html
https://www.theregister.com/2025/05/14/ivanti_patches_two_zerodays_and/
https://www.securityweek.com/ivanti-patches-two-epmm-zero-days-exploited-to-hack-customers/
https://www.infosecurity-magazine.com/news/fortinet-ivanti-zero-days/
https://thehackernews.com/2025/05/ivanti-patches-epmm-vulnerabilities.html
Published: 2025-05-13
Updated: 2025-05-21
Known Exploited Vulnerability (KEV)
Base Score: 7.8
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N
Severity: High
Base Score: 7.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Severity: High
EPSS: 0.72497
Tenable Research has classified this CVE under the following Vulnerability Watch classification, which includes active and historical (inactive) classifications. You can learn more about these classifications on our blog.
Vulnerability of Interest