Malicious Listeners for Ivanti EPMM

~Cisa~
Threat actors are exploiting Ivanti EPMM vulnerabilities (CVE-2025-4427/4428) to install malicious listeners for remote code execution.
-
IOCs: 82. 132. 235. 212, 37. 219. 84. 22, 88. 194. 29. 21
-
#CVE20254427 #Ivanti #ThreatIntel

Questions mount as Ivanti tackles another round of zero-days The besieged security vendor maintains the latest exploited vulnerabilities in its products are entirely linked to unspecified security issues in open-source libraries. Some researchers aren’t buying ...

Two new zero-day vulnerabilities (CVE-2025-4427 & 4428) in their Endpoint Manager Mobile software are being actively exploited by nation-state hackers.

Researchers say it’s Ivanti’s code to blame, not open-source.

#ZeroDay #Cybersecurity #RiskManagement #SupplyChainSecurity #CVE20254427 #UNC5221

Ivanti patches two 0-days and a critical make-me-admin bug : Vendor says vulns are linked with 2 mystery open source libraries integrated into EPMM product

#Ivanti patches two zero-days under active attack as intel agency warns customers
www.theregister.com/2025/05/14/i...

#AustralianSignalsDirectorate issues critical warning about #CVE20254427 (5.3) & #CVE20254428 (7.2).
#CyberSecurity #InfoSec #Vulnerability #ZeroDay #0Day #ASD