Ivanti

Endpoint Manager Mobile

29 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 21.11%
  • Veröffentlicht 14.10.2025 14:17:55
  • Zuletzt bearbeitet 15.10.2025 18:08:01

OS command injection in the admin panel of Ivanti EPMM before version 12.6.0.2, 12.5.0.4, and 12.4.0.4 allows a remote authenticated attacker with admin privileges to achieve remote code execution.

  • EPSS 21.11%
  • Veröffentlicht 14.10.2025 14:14:49
  • Zuletzt bearbeitet 15.10.2025 18:07:28

OS command injection in the admin panel of Ivanti EPMM before version 12.6.0.2, 12.5.0.4, and 12.4.0.4 allows a remote authenticated attacker with admin privileges to achieve remote code execution.

  • EPSS 14.81%
  • Veröffentlicht 08.07.2025 15:38:48
  • Zuletzt bearbeitet 11.07.2025 17:29:00

OS command injection in Ivanti Endpoint Manager Mobile (EPMM) before version 12.5.0.2,12.4.0.3 and 12.3.0.3 allows a remote authenticated attacker with high privileges to achieve remote code execution

  • EPSS 12.31%
  • Veröffentlicht 08.07.2025 15:15:33
  • Zuletzt bearbeitet 11.07.2025 17:29:21

OS command injection in Ivanti Endpoint Manager Mobile (EPMM) before version 12.5.0.2 allows a remote authenticated attacker with high privileges to achieve remote code execution

Warnung Medienbericht
  • EPSS 83.64%
  • Veröffentlicht 13.05.2025 15:46:55
  • Zuletzt bearbeitet 24.10.2025 13:55:22

Remote Code Execution in API component in Ivanti Endpoint Manager Mobile 12.5.0.0 and prior on unspecified platforms allows authenticated attackers to execute arbitrary code via crafted API requests.

Warnung Medienbericht
  • EPSS 99.89%
  • Veröffentlicht 13.05.2025 15:45:35
  • Zuletzt bearbeitet 24.10.2025 13:55:27

An authentication bypass in the API component of Ivanti Endpoint Manager Mobile 12.5.0.0 and prior allows attackers to access protected resources without proper credentials via the API.

  • EPSS 0.24%
  • Veröffentlicht 08.10.2024 17:15:55
  • Zuletzt bearbeitet 18.12.2024 18:27:42

Insecure permissions in Ivanti EPMM before 12.1.0.4 allow a local authenticated attacker to modify sensitive application components.

  • EPSS 1.25%
  • Veröffentlicht 07.08.2024 04:17:18
  • Zuletzt bearbeitet 19.03.2025 21:15:35

Insufficient verification of authentication controls in EPMM prior to 12.1.0.1 allows a remote attacker to bypass authentication and access sensitive resources.

  • EPSS 2.29%
  • Veröffentlicht 07.08.2024 04:17:18
  • Zuletzt bearbeitet 21.08.2024 18:35:05

An insecure deserialization vulnerability in web component of EPMM prior to 12.1.0.1 allows an authenticated remote attacker to execute arbitrary commands on the underlying operating system of the appliance.

  • EPSS 2.25%
  • Veröffentlicht 07.08.2024 04:17:17
  • Zuletzt bearbeitet 13.03.2025 21:15:40

An insufficient authorization vulnerability in web component of EPMM prior to 12.1.0.1 allows an unauthorized attacker within the network to execute arbitrary commands on the underlying operating system of the appliance.