CVE-2025-4428 · HIGH 8.8 · CISA KEV · EPSS p99.7%

CVE-2025-4428: Ivanti Endpoint Manager Mobile (EPMM) Code Injection Vulnerability

Ivanti / Endpoint Manager Mobile (EPMM)

Description

Ivanti Endpoint Manager Mobile (EPMM) contains a code injection vulnerability in the API component that allows an authenticated attacker to remotely execute arbitrary code via crafted API requests. This vulnerability results from an insecure implementation of the Hibernate Validator open-source library, as represented by CVE-2025-35036.

Scoring

CVSS 3.1: 8.8 (HIGH)
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS: 86.92% probability of exploitation · percentile 99.7% · 2026-06-15T12:03:41Z
Published: 2025-05-13
Last modified: 2025-10-24

CISA KEV entry

Added to KEV: 2025-05-19

Underlying weaknesses · 1

CWE-94

References

  1. https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Endpoint-Manager-Mobile-EPMM
  2. https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-4428

1

Type | Target | Confidence | Tier
Weakness | Improper Control of Generation of Code ('Code Injection') (cwe-94) | 0% | live

(incoming) · 1

Type | Target | Confidence | Tier
KEVEntry | Ivanti Endpoint Manager Mobile (EPMM) Code Injection Vulnerability (kev-cve-2025-4428) | 0% | live

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE: Ivanti Endpoint Manager Mobile (EPMM) Authentication Bypass Vulnerability
CVE: Ivanti Endpoint Manager (EPM) SQL Injection Vulnerability
CVE: Ivanti Endpoint Manager Cloud Service Appliance (EPM CSA) Code Injection Vulnerability
CVE: Ivanti Endpoint Manager Mobile (EPMM) Improper Input Validation Vulnerability
CVE: CVE-2026-8111
CVE: Ivanti Endpoint Manager Mobile (EPMM) and MobileIron Core Authentication Bypass Vulnerability

Sourced from NVD + CISA KEV + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.