Wiz security researchers have reported ongoing exploitation of two Ivanti vulnerabilities, CVE-2025-4427 and CVE-2025-4428, affecting Ivanti Endpoint Manager Mobile (EPMM). These vulnerabilities permit unauthorized access and execution of malware, extending their impact to cloud instances as well as previously reported on-premises environments. Ivanti has patched these flaws but warned that exploits may still be active, emphasizing the urgency for affected customers to update their systems. Despite Ivanti's acknowledgment of limited reported exploits, Wiz highlights broader, on-going attacks in real-world scenarios since mid-May 2023, underscoring the critical need for immediate action to mitigate risks.
Ivanti disclosed the bugs and issued patches for both last week, warning in the security alert it was "aware of a very limited number of customers" whose products had been exploited.
Wiz Research has observed ongoing exploitation of these vulnerabilities in-the-wild targeting exposed and vulnerable EPMM instances in cloud environments since May 16.
Collection
[
|
...
]