Wiz warns of ongoing exploitation of recent Ivanti vulnerabilities
Cybersecurity firm Wiz says threat actors are actively exploiting in the wild two recently patched Ivanti Endpoint Manager Mobile (EPMM) vulnerabilities.
Tracked as CVE-2025-4427 and CVE-2025-4428, the flaws are described as an authentication bypass and a post-authentication remote code execution (RCE) issue, and have been assessed with ‘medium severity’ ratings. They were found in two open source libraries integrated into EPMM.
Ivanti released fixes for both bugs on May 13, warning of zero-day exploitation against a limited number of customers and noting that the risk of compromise is significantly reduced if ACLs functionality in the portal or an external WAF is used to filter access to the API.
Read more at SecurityWeek