Ivanti, a number one enterprise software program supplier, has launched crucial safety updates addressing vulnerabilities throughout a number of merchandise, together with Endpoint Supervisor Cellular (EPMM), Neurons for ITSM (on-premises), Cloud Providers Utility (CSA), and Neurons for MDM (N-MDM).
These vulnerabilities, starting from medium to crucial severity, might permit attackers to execute distant code, achieve administrative entry, escalate privileges, or edit unauthorized assets.
Ivanti urges clients to use patches instantly to guard their environments amid a quickly evolving risk panorama.
Endpoint Supervisor Cellular (EPMM) Vulnerabilities
Ivanti disclosed two vulnerabilities in its on-premises EPMM product, stemming from open-source libraries:
- CVE-2025-4427: An authentication bypass (CVSS 5.3, Medium) permitting entry to protected assets with out credentials.
- CVE-2025-4428: A distant code execution (RCE) flaw (CVSS 7.2, Excessive) enabling arbitrary code execution.
When chained, these vulnerabilities might result in unauthenticated RCE. Based on Ivanti, a “very restricted quantity” of consumers have been exploited.
Affected variations embody 11.12.0.4, 12.3.0.1, 12.4.0.1, 12.5.0.0, and prior. Prospects can mitigate dangers by filtering API entry utilizing Portal ACLs or an exterior Net Utility Firewall (WAF).
An RPM file can be accessible for supported variations (12.3, 12.4, 12.5) through a help case. These points don’t have an effect on Ivanti’s cloud-based Neurons for MDM, Sentry, or different merchandise.
Neurons for ITSM (On-Premises) Vulnerability
A crucial vulnerability, CVE-2025-22462 (CVSS 9.8, Vital; Environmental Rating 6.9, Medium), impacts Ivanti Neurons for ITSM (on-premises) variations 2023.4, 2024.2, and 2024.3.
This authentication bypass might permit an unauthenticated distant attacker to achieve administrative entry, relying on system configuration. No recognized exploits have been reported.
Patches for Could 2025 can be found through Ivanti’s obtain portal (ILS). Prospects can scale back threat by securing the IIS web site, limiting entry to particular IP addresses and domains, or configuring the answer with a DMZ for exterior customers.
Cloud Providers Utility (CSA) Vulnerability
The Ivanti Cloud Providers Utility (CSA) is impacted by CVE-2025-22460 (CVSS 7.8, Excessive), a default credentials vulnerability in variations 5.0.4 and prior. This flaw permits an area authenticated attacker to escalate privileges.
No exploits have been reported. Prospects ought to improve to CSA 5.0.5, however Ivanti warns that upgrading from 5.0.4 doesn’t robotically apply the repair.
A contemporary set up or guide mitigation steps are required, with a future launch deliberate to deal with this subject. The replace is out there at Ivanti’s obtain portal.
Neurons for MDM (N-MDM) Vulnerability
An improper authorization vulnerability (CVSS 5.4, Medium) in Ivanti Neurons for MDM (N-MDM) model R110 permits unauthenticated distant attackers to edit or delete unauthorized assets.
No CVE was assigned, as the problem didn’t meet CVE standards, however Ivanti disclosed it for transparency.
The repair was robotically utilized to all cloud environments and model R114 is unaffected. No exploits have been reported.
Ivanti urges clients to use patches instantly and evaluate configurations to attenuate dangers.
Discover this Information Attention-grabbing! Observe us on Google Information, LinkedIn, & X to Get Immediate Updates!
