CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-4428

Remote Code Execution in API component in Ivanti Endpoint Manager Mobile 12.5.0.0 and prior on unspecified platforms allows authenticated attackers to execute arbitrary code via crafted API requests.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.106

EPSS Ranking 92.9%

CVSS Severity

CVSS v3 Score 7.2

Proposed Action

Ivanti Endpoint Manager Mobile (EPMM) contains a code injection vulnerability in the API component that allows an authenticated attacker to remotely execute arbitrary code via crafted API requests. This vulnerability results from an insecure implementation of the Hibernate Validator open-source library.

Ransomware Campaign

Unknown

References

https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Endpoint-Manager-Mobile-EPMM

Products affected by CVE-2025-4428

Ivanti » Endpoint Manager Mobile » Version: Any

cpe:2.3:a:ivanti:endpoint_manager_mobile:*
Ivanti » Endpoint Manager Mobile » Version: N/A

cpe:2.3:a:ivanti:endpoint_manager_mobile:-
Ivanti » Endpoint Manager Mobile » Version: 11.10.0

cpe:2.3:a:ivanti:endpoint_manager_mobile:11.10.0
Ivanti » Endpoint Manager Mobile » Version: 11.10.0.0

cpe:2.3:a:ivanti:endpoint_manager_mobile:11.10.0.0
Ivanti » Endpoint Manager Mobile » Version: 11.10.0.1

cpe:2.3:a:ivanti:endpoint_manager_mobile:11.10.0.1
Ivanti » Endpoint Manager Mobile » Version: 11.10.0.2

cpe:2.3:a:ivanti:endpoint_manager_mobile:11.10.0.2
Ivanti » Endpoint Manager Mobile » Version: 11.10.0.3

cpe:2.3:a:ivanti:endpoint_manager_mobile:11.10.0.3
Ivanti » Endpoint Manager Mobile » Version: 11.10.0.4

cpe:2.3:a:ivanti:endpoint_manager_mobile:11.10.0.4
Ivanti » Endpoint Manager Mobile » Version: 11.11.0

cpe:2.3:a:ivanti:endpoint_manager_mobile:11.11.0
Ivanti » Endpoint Manager Mobile » Version: 11.11.0.0

cpe:2.3:a:ivanti:endpoint_manager_mobile:11.11.0.0
Ivanti » Endpoint Manager Mobile » Version: 11.11.0.1

cpe:2.3:a:ivanti:endpoint_manager_mobile:11.11.0.1
Ivanti » Endpoint Manager Mobile » Version: 11.11.0.2

cpe:2.3:a:ivanti:endpoint_manager_mobile:11.11.0.2
Ivanti » Endpoint Manager Mobile » Version: 11.12.0.0

cpe:2.3:a:ivanti:endpoint_manager_mobile:11.12.0.0
Ivanti » Endpoint Manager Mobile » Version: 11.12.0.1

cpe:2.3:a:ivanti:endpoint_manager_mobile:11.12.0.1
Ivanti » Endpoint Manager Mobile » Version: 11.12.0.2

cpe:2.3:a:ivanti:endpoint_manager_mobile:11.12.0.2
Ivanti » Endpoint Manager Mobile » Version: 11.12.0.3

cpe:2.3:a:ivanti:endpoint_manager_mobile:11.12.0.3
Ivanti » Endpoint Manager Mobile » Version: 11.4.0

cpe:2.3:a:ivanti:endpoint_manager_mobile:11.4.0
Ivanti » Endpoint Manager Mobile » Version: 11.4.0.0

cpe:2.3:a:ivanti:endpoint_manager_mobile:11.4.0.0
Ivanti » Endpoint Manager Mobile » Version: 11.4.1.0

cpe:2.3:a:ivanti:endpoint_manager_mobile:11.4.1.0
Ivanti » Endpoint Manager Mobile » Version: 11.5.0

cpe:2.3:a:ivanti:endpoint_manager_mobile:11.5.0
Ivanti » Endpoint Manager Mobile » Version: 11.5.0.0

cpe:2.3:a:ivanti:endpoint_manager_mobile:11.5.0.0
Ivanti » Endpoint Manager Mobile » Version: 11.6.0

cpe:2.3:a:ivanti:endpoint_manager_mobile:11.6.0
Ivanti » Endpoint Manager Mobile » Version: 11.6.0.0

cpe:2.3:a:ivanti:endpoint_manager_mobile:11.6.0.0
Ivanti » Endpoint Manager Mobile » Version: 11.6.0.01

cpe:2.3:a:ivanti:endpoint_manager_mobile:11.6.0.01
Ivanti » Endpoint Manager Mobile » Version: 11.6.0.1

cpe:2.3:a:ivanti:endpoint_manager_mobile:11.6.0.1
Ivanti » Endpoint Manager Mobile » Version: 11.7.0

cpe:2.3:a:ivanti:endpoint_manager_mobile:11.7.0
Ivanti » Endpoint Manager Mobile » Version: 11.7.0.0

cpe:2.3:a:ivanti:endpoint_manager_mobile:11.7.0.0
Ivanti » Endpoint Manager Mobile » Version: 11.8.0

cpe:2.3:a:ivanti:endpoint_manager_mobile:11.8.0
Ivanti » Endpoint Manager Mobile » Version: 11.8.0.0

cpe:2.3:a:ivanti:endpoint_manager_mobile:11.8.0.0
Ivanti » Endpoint Manager Mobile » Version: 11.8.1.0

cpe:2.3:a:ivanti:endpoint_manager_mobile:11.8.1.0
Ivanti » Endpoint Manager Mobile » Version: 11.8.1.1

cpe:2.3:a:ivanti:endpoint_manager_mobile:11.8.1.1
Ivanti » Endpoint Manager Mobile » Version: 11.8.1.2

cpe:2.3:a:ivanti:endpoint_manager_mobile:11.8.1.2
Ivanti » Endpoint Manager Mobile » Version: 11.9.0

cpe:2.3:a:ivanti:endpoint_manager_mobile:11.9.0
Ivanti » Endpoint Manager Mobile » Version: 11.9.0.0

cpe:2.3:a:ivanti:endpoint_manager_mobile:11.9.0.0
Ivanti » Endpoint Manager Mobile » Version: 11.9.0.1

cpe:2.3:a:ivanti:endpoint_manager_mobile:11.9.0.1
Ivanti » Endpoint Manager Mobile » Version: 11.9.1.0

cpe:2.3:a:ivanti:endpoint_manager_mobile:11.9.1.0
Ivanti » Endpoint Manager Mobile » Version: 11.9.1.1

cpe:2.3:a:ivanti:endpoint_manager_mobile:11.9.1.1
Ivanti » Endpoint Manager Mobile » Version: 11.9.1.2

cpe:2.3:a:ivanti:endpoint_manager_mobile:11.9.1.2
Ivanti » Endpoint Manager Mobile » Version: 12.3.0.0

cpe:2.3:a:ivanti:endpoint_manager_mobile:12.3.0.0
Ivanti » Endpoint Manager Mobile » Version: 12.5.0.0

cpe:2.3:a:ivanti:endpoint_manager_mobile:12.5.0.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-4428

Products

Pricing

Contact Us