#epmm — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #epmm, aggregated by home.social.
-
If you have Ivanti EPMM, please follow these instructions.
“Technical Analysis updated with reliable Indicators of Compromise (IoC’s). Both in partnership with NCSC-NL.”
The Dutchies are at it again!🤘🇳🇱
#EPMM #CVE20261281 #CVE20261340 #Ivanti #Cybersecurity #infosec #ioc
-
Only quickly popping on here from an otherwise very nice Fediverse vacation, because NCSC-NL has just put out an “assume-breach” warning. That’s… kinda big.
#Ivanti #CVE20261281 #EPMM #MobileIron #NCSC_NL #Cybersecurity #infosec #IOC #NCSC
-
Ivanti has disclosed two critical zero-day vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM) which allow RCE, tracked as CVE-2026-1281 and CVE-2026-1340. Both flaws are unauthenticated code injection issues that allow remote attackers to achieve arbitrary code execution on affected EPMM appliances. Active exploitation has been confirmed.
https://forum.hashpwn.net/post/9428
#cybersecurity #zeroday #rce #news #ivanti #cve #epmm #hashpwn
-
CISA Warns of New Malware Campaign Exploiting Ivanti EPMM Vulnerabilities https://thecyberexpress.com/cisa-mar-cve-2025-4427-28/ #MalwareAnalysisReport #TheCyberExpressNews #TheCyberExpress #CVE-2025-4427 #CVE-2025-4428 #CyberNews #EPMM #MAR
-
CISA has issued an urgent advisory about six actively exploited vulnerabilities affecting Ivanti EPMM, Zimbra, Output Messenger, and other enterprise systems. Learn which systems are at risk and what actions your organization should take immediately to protect critical infrastructure.
#SecurityLand #CyberWatch #CISA #Vulnerability #Ivanti #EPMM #Zimbra #OutputMessenger #EnterpriseSecurity #SecurityExploit #CriticalInfrastructure #Government
Read More: https://www.security.land/us-government-warns-about-six-actively-exploited-vulnerabilities/
-
Ivanti EPMM Hit by Two Actively Exploited 0day Vulnerabilities https://hackread.com/ivanti-epmm-actively-exploited-0day-vulnerabilities/ #Cybersecurity #Vulnerability #CyberAttack #Security #Ivanti #0day #EPMM
-
#Ivanti: Ivanti Endpoint Mobile Manager (#EPMM) #Vulnerabilities CVE-2025-4427 and CVE-2025-4428 Allow Remote Code Execution and being actively exploited in the wild - patch your systems now!
👇
https://cybersecuritynews.com/ivanti-endpoint-mobile-manager-vulnerabilities/ -
Ivanti EPMM Hit by Two Actively Exploited 0day Vulnerabilities – Source:hackread.com https://ciso2ciso.com/ivanti-epmm-hit-by-two-actively-exploited-0day-vulnerabilities-sourcehackread-com/ #1CyberSecurityNewsPost #CyberSecurityNews #cybersecurity #Vulnerability #CyberAttack #Hackread #security #Ivanti #0day #EPMM
-
"And it's Friday!" 😅
Si vous administrez une instance Ivanti Endpoint Manager Mobile (EPMM) c'est le moment de le mettre à jour
Deux failles enchaînables permettent une exécution de code à distance, sans authentification :
CVE-2025-4427 : contournement d’authentification
CVE-2025-4428 : injection de code via Expression Language (Java EL) post-auth
💥 Exploitation active confirmée, visant peu de cibles pour l’instant… mais le risque de mass exploitation est réel une fois l’info diffusée.
Le combo permet à un attaquant d’exécuter des commandes sur le serveur Ivanti EPMM sans identifiants. Exemple démontré par Watchtowr : touch /tmp/poc, ou même id.
🔐 Versions corrigées :
11.12.0.5
12.3.0.2
12.4.0.2
12.5.0.1
⬇️
"Expression Payloads Meet Mayhem - Ivanti EPMM Unauth RCE Chain (CVE-2025-4427 and CVE-2025-4428)"
👇
https://labs.watchtowr.com/expression-payloads-meet-mayhem-cve-2025-4427-and-cve-2025-4428/ -
Ivanti Fixes RCE and Auth Bypass Vulnerabilities in Endpoint Manager Mobile https://thecyberexpress.com/patches-for-cve-2025-4427-and-cve-2025-4428/ #EndpointManagerMobile #TheCyberExpressNews #Vulnerabilities #TheCyberExpress #FirewallDaily #CVE20254427 #CVE20254428 #CyberNews #EPMM
-
Ivanti updated its advisory on CVE-2023-35082 to say all versions of Ivanti Endpoint Manager Mobile 11.10, 11.9 and 11.8 and MobileIron Core 11.7 are affected
https://therecord.media/all-ivanti-versions-affected-by-vulnerability-tied-to-norway-attacks
-
Kein Überblick über #EPMM-Nutzung beim #Bund
>Von einer BSI-Sprecherin heißt es gegenüber Tagesspiegel Background, die Warnmeldung sei an die Bundesverwaltung und Betreiber Kritischer Infrastrukturen versendet worden. […] <
> […] Auf die entsprechende Frage heißt es: „Das
BSI hat keinen Überblick über die in der Bundesverwaltung eingesetzten
MDM-Lösungen".<😬
Siehe Screenshot
#Digitalministerium #Zollkriminalamt #ivanti #mobileiron 2/2
-
Ivanti has remedied all three vulnerabilities, however, users of older versions of MobileIron Core (version 11.2 and earlier) are still at risk.
-
⚠️📢 Unsere Security-Experten haben ein Update unseres Leitfadens „Hilfe zur Selbsthilfe“ für alle User der Software „Ivanti Endpoint Manager Mobile“ (#EPMM) veröffentlicht:
Nachdem mittlerweile auch ein Exploit-Code öffentlich online verfügbar ist, steigt das Risiko einer automatischen Ausnutzung der Ivanti #Schwachstelle CVE-2023-35078.
Unsere aktualisierte Anleitung im #Research Blog von @hisolutions bahnt den Weg aus der Gefahrenzone 🚸:
▶️ https://lnkd.in/ehqmpuAq -
Ivanti patches another EPMM zero-day used to attack Norwegian government
Patch now, urges CISA
https://www.computing.co.uk/news/4121154/ivanti-patches-epmm-zero-day-attack-norwegian-government
-
Advisory: Ivanti Endpoint Manager Mobile (#EPMM) Authentication Bypass Vulnerability https://www.mnemonic.io/resources/blog/ivanti-endpoint-manager-mobile-epmm-authentication-bypass-vulnerability/
-
Ivanti patches zero-day used to attack Norwegian government
Critical flaw in Ivanti's EPMM, formerly known as #MobileIron Core
https://www.computing.co.uk/news/4120836/ivanti-patches-zero-day-attack-norwegian-government
