The Australian Signals Directorate’s (ASD) Australian Cyber Security Centre (ACSC) is aware of two vulnerabilities, one medium and one high severity, in Ivanti Endpoint Manager Mobile. This alert is relevant to large Australian businesses, organisations, and government.
ASD’s ACSC is tracking two vulnerabilities in Ivanti EPMM:
- CVE-2025-4427: Medium severity Authentication Bypass
- CVE-2025-4428: High severity Remote Code Execution
When chained together, these vulnerabilities can provide unauthenticated attackers Remote Code Execution. All versions of Ivanti EPMM prior to and including 12.5.0.0 are vulnerable.
Australian organisations should review their networks for the use of Ivanti EPMM and apply the latest patches available through Ivanti’s download portal.
Organisations should review Ivanti’s advisory for mitigation advice until they cab implement the required patches. Ivanti has provided Analysis Guidance as part of this advisory to assist organisations in determining any active exploitation.
The ASD’s ACSC recommends organisations patch to the latest version of Ivanti EPMM, available through Ivanti’s download portal, and investigate whether their systems have been compromised.
