ivanti News Articles
Recent news articles refferecing the vendors vulnerabilities.
CybersecurityNewsCVE-2025-10573Critical Ivanti EPM Vulnerability Allows Admin Session Hijacking via Stored XSS
Cross-site scripting flaw in Ivanti Endpoint Manager 2024 SU4 and earlier could let attackers steal admin sessions without needing to log in.
CVE-2025-10573: Ivanti EPM Unauth Stored XSS Fixed
Details on CVE-2025-10573 in Ivanti EPM, an unauthenticated stored XSS flaw enabling admin session hijack, plus patch, mitigation, and response steps.
Red Hot CyberIvanti Endpoint Manager Vulnerabilities: Update Now to Prevent RCE
Ivanti EPM has critical vulnerabilities, including a 9.6 CVSS XSS flaw. Update now to prevent remote code execution and session hijacking. Learn more.
gbhackers.comCVE-2025-10573High-Risk Ivanti EPM Vulnerability Opens Door to Admin Session Hijacking
A critical stored cross-site scripting (XSS) vulnerability in Ivanti Endpoint Manager (EPM) enables unauthenticated attackers to hijack administrator sessions.
CybersecurityNewsCVE-2025-10573Ivanti Security Update: Patch for Code Execution Vulnerabilities in Endpoint Manager
Ivanti has officially released urgent security updates for its Endpoint Manager (EPM) solution to address four distinct security flaws.
The Hacker NewsCVE-2025-4427CISA Warns of Two Malware Strains Exploiting Ivanti EPMM CVE-2025-4427 and CVE-2025-4428
CISA details attackers exploiting Ivanti EPMM zero-days CVE-2025-4427/4428 in May 2025, enabling persistent remote code execution on vulnerable server
Fixed Ivanti Bugs Still Haunt Japan Orgs 6 Months Later
Chinese threat actors have been feeding off the same Ivanti RCE vulnerabilities we've known about since last year, partly thanks to complications in patching.
The Hacker NewsCVE-2025-0282Ivanti Zero-Days Exploited to Drop MDifyLoader and Launch In-Memory Cobalt Strike Attacks
Ivanti ICS flaws exploited from Dec 2024–July 2025 to deploy MDifyLoader, Cobalt Strike, and Go tools.
CyberSecurityNewsCVE-2025-6771Ivanti Endpoint Manager Mobile Vulnerabilities Let Attackers Execute Remote Code
Ivanti disclosed two high-severity vulnerabilities in its Endpoint Manager Mobile (EPMM) product, which could allow remote attackers to execute code on affected systems.
Ivanti Workspace Control Vulnerability Lets Attackers Remotely Exploit To Steal the Credential
Ivanti has released a critical security update for its Workspace Control software, patching three high-severity vulnerabilities that could allow attackers to compromise sensitive credentials.
CISA (.gov)CVE-2025-4427CISA Adds Six Known Exploited Vulnerabilities to Catalog | CISA
CISA has added six new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2025-4427(link is external) Ivanti Endpoint Manager Mobile (EPMM)...
Risky BizCVE-2025-4428Risky Bulletin: Authorities and security firms take down DanaBot and Lumma Stealer - Risky Business Media
A coalition of law enforcement agencies and cybersecurity firms have dealt two major blows to the cybercrime ecosystem this week by taking [Read More]
Ivanti EPMM flaw exploited by Chinese hackers to breach govt agencies
Chinese hackers have been exploiting a remote code execution flaw in Ivanti Endpoint Manager Mobile (EPMM) to breach high-profile organizations worldwide.
The Hacker NewsCVE-2025-4427Chinese Hackers Exploit Ivanti EPMM Bugs in Global Enterprise Network Attacks
UNC5221 exploited Ivanti EPMM flaws CVE-2025-4427/4428 in global attacks starting May 15, 2025, enabling remote access and data theft
Ivanti EPMM Exploitation Tied to Older Zero-Day Attacks
Wiz researchers found an opportunistic threat actor has been targeting vulnerable edge devices, including Ivanti VPNs and Palo Alto Networks firewalls.
Ivanti EPMM 0-Day RCE Vulnerability Under Active Attack
Ivanti's Endpoint Manager Mobile (EPMM) contains a critical vulnerability chain that has been actively abused.
wiz.ioIvanti EPMM RCE Vulnerability Chain Exploited in the Wild | Wiz Blog
Wiz Research has observed exploitation in-the-wild of CVE-2025-4427 and CVE-2025-4428, the latest vulnerabilities affecting Ivanti Endpoint Manager Mobile (EPMM).
CISA Adds Actively Exploited Ivanti EPMM Zero-Day to KEV Catalog
CISA has added two critical zero-day vulnerabilities affecting Ivanti EPMM to its KEV catalog, citing evidence of active exploitation.
Ivanti EPMM 0-day Vulnerability Actively Exploited in the Wild
Ivanti has disclosed two zero-day vulnerabilities in its Endpoint Manager Mobile (EPMM) solution. When chained together, these vulnerabilities allow attackers to execute unauthenticated remote code.
GBHackers NewsCVE-2025-4427Active Exploitation of Ivanti EPMM Zero-Day Vulnerability in the Wild
Security researchers at The Shadowserver Foundation have identified active exploitation attempts targeting a critical zero-day vulnerability.
HackreadIvanti EPMM Hit by Two Actively Exploited 0day Vulnerabilities
Ivanti EPMM hit by critical 0day vulnerabilities (CVE-2025-4427, CVE-2025-4428) enabling pre-auth RCE. Active exploits confirmed, patch NOW!
Multiple Ivanti Endpoint Mobile Manager Vulnerabilities Allows Remote Code Execution
Critical security flaws have been uncovered in Ivanti EPMM, a widely used MDM solution, exposing organization to the risk.
watchTowr LabsExpression Payloads Meet Mayhem - Ivanti EPMM Unauth RCE Chain (CVE-2025-4427 and CVE-2025-4428)
Keeping your ears to the ground and eyes wide open for the latest vulnerability news at watchTowr is a given. Despite rummaging through enterprise code looking for 0days on a daily basis, our interest was piqued this week when news of fresh vulnerabilities was announced in a close friend -
The Cyber ExpressIvanti EPMM Patches CVE-2025-4427 And CVE-2025-4428
Ivanti releases patches for CVE-2025-4427 and CVE-2025-4428 in EPMM to prevent remote code execution attacks.
Ivanti EPMM Zero-Day Flaws Exploited in Chained Attack
The security software maker said the vulnerabilities in Endpoint Manager Mobile have been exploited in the wild against "a very limited number of customers" — for now — and stem from open source libraries.