Security Advisory

Ivanti Product Update Advisory

  • May 19 2025
Ivanti Product Update Advisory

Overview

We have released a security update to fix vulnerabilities in Ivanti products. Users of affected products are advised to update to the latest version.

 

Affected Products

Cve-2025-4427, cve-2025-4428

Ivanti Endpoint Manager Mobile versions: 11.12.0.4 and earlier
Ivanti Endpoint Manager Mobile version: 12.3.0.1 and earlier
Ivanti Endpoint Manager Mobile Version: 12.4.0.1 and earlier
Ivanti Endpoint Manager Mobile Version: 12.5.0.0 and earlier

CVE-2025-22462

 

Ivanti Neurons for ITSM (on-prem only) version: 2023.4
Ivanti Neurons for ITSM (on-prem only) version: 2024.2
Ivanti Neurons for ITSM (on-prem only) version: 2024.3

 

CVE-2025-22460

 

Ivanti Cloud Services Application Version: 5.0.4 and earlier

 

 

Resolved Vulnerabilities

Authentication bypass vulnerability in Ivanti Endpoint Manager Mobile (EPMM) (CVE-2025-4427)

Remote Code Execution Vulnerability in Ivanti Endpoint Manager Mobile (EPMM) (CVE-2025-4428)
Authentication Bypass Vulnerability in Ivanti Neurons for ITSM (CVE-2025-22462)
Privilege escalation vulnerability in Ivanti Cloud Services Application (CVE-2025-22460)

 

Vulnerability Patches

vulnerability patches have been made available in the latest updates. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.

CVE-2025-4428

Ivanti Endpoint Manager Mobile version: 11.12.0.5
Ivanti Endpoint Manager Mobile version: 12.3.0.2
Ivanti Endpoint Manager Mobile version: 12.4.0.2
Ivanti Endpoint Manager Mobile version: 12.5.0.1

CVE-2025-22462

 

Ivanti Neurons for ITSM (on-prem only) version: 2023.4 May 2025 Security Patch
Ivanti Neurons for ITSM (on-prem only) version: 2024.2 May 2025 Security Patch
Ivanti Neurons for ITSM (on-prem only) version: 2024.3 May 2025 Security Patch

 

CVE-2025-22460

 

Ivanti Cloud Services Application Version: 5.0.5

 

 

References

[1] Security Advisory Ivanti Endpoint Manager Mobile (EPMM) May 2025 (CVE-2025-4427 and CVE-2025-4428)
https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Endpoint-Manager-Mobile-EPMM?language=en_US
[2] Security Advisory Ivanti Neurons for ITSM (On-Premises Only) (CVE-2025-22462)
https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Neurons-for-ITSM-on-premises-only-CVE-2025-22462?language=en_US
[3] Security Advisory Ivanti Cloud Services Application (CVE-2025-22460)
https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Cloud-Services-Application-CVE-2025-22460?language=en_US

Tags:
Previous Post

Next Post