Remote Code Execution in API component in Ivanti Endpoint Manager Mobile 12.5.0.0 and prior on unspecified platforms allows authenticated attackers to execute arbitrary code via crafted API requests.
Published: 2025-05-13
Remote code execution vulnerability in a popular mobile device management solution from Ivanti has been exploited in the wild in limited attacks
https://www.infosecurity-magazine.com/news/ivanti-vulnerability-exploit-could/
https://cyberscoop.com/ivanti-epmm-defects-exploited/
https://socprime.com/blog/detect-badsuccessor-attacks/
https://www.theregister.com/2025/05/23/ivanti_chinese_spies_attack/
https://thehackernews.com/2025/05/chinese-hackers-exploit-ivanti-epmm.html
https://www.theregister.com/2025/05/14/ivanti_patches_two_zerodays_and/
https://www.securityweek.com/ivanti-patches-two-epmm-zero-days-exploited-to-hack-customers/
https://www.infosecurity-magazine.com/news/fortinet-ivanti-zero-days/
https://thehackernews.com/2025/05/ivanti-patches-epmm-vulnerabilities.html
Published: 2025-05-13
Updated: 2025-05-21
Known Exploited Vulnerability (KEV)
Base Score: 9
Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C
Severity: High
Base Score: 8.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity: High
EPSS: 0.30929
Tenable Research has classified this CVE under the following Vulnerability Watch classification, which includes active and historical (inactive) classifications. You can learn more about these classifications on our blog.
Vulnerability of Interest