CISA Warns of Two Malware Strains Exploiting Ivanti EPMM CVE-2025-4427 and CVE-2025-4428

nsamag September 19, 2025

CISA Warns of Two Malware Strains Exploiting Ivanti EPMM CVE-2025-4427 and CVE-2025-4428 — Sep 19, 2025Ravie LakshmananData Breach / Vulnerability [https://

cisa-warns-of-two-malware-strains-exploiting-ivanti-epmm-cve-2025-4427-and-cve-2

What’s new: The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has reported the discovery of two malware strains exploiting vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM), specifically CVE-2025-4427 and CVE-2025-4428. These vulnerabilities were exploited to gain unauthorized access and execute arbitrary code on compromised servers.

Who’s affected

Organizations using Ivanti EPMM are at risk, particularly those that have not updated their systems since the vulnerabilities were disclosed in May 2025.

What to do

  • Update Ivanti EPMM to the latest version to mitigate the vulnerabilities.
  • Monitor for signs of suspicious activity on your network.
  • Implement access restrictions to prevent unauthorized access to mobile device management (MDM) systems.

Sources

Related Posts:

More Stories

urgent-cisco-asa-zero-day-duo-under-attack-cisa-triggers-emergency-mitigation-di

Urgent: Cisco ASA Zero-Day Duo Under Attack; CISA Triggers Emergency Mitigation Directive

nsamag September 25, 2025
kali-linux-20253-released-with-10-new-tools-wifi-enhancements

Kali Linux 2025.3 released with 10 new tools, wifi enhancements

nsamag September 24, 2025
two-new-supermicro-bmc-bugs-allow-malicious-firmware-to-evade-root-of-trust-secu

Two New Supermicro BMC Bugs Allow Malicious Firmware to Evade Root of Trust Security

nsamag September 23, 2025

You may have missed

urgent-cisco-asa-zero-day-duo-under-attack-cisa-triggers-emergency-mitigation-di

Urgent: Cisco ASA Zero-Day Duo Under Attack; CISA Triggers Emergency Mitigation Directive

nsamag September 25, 2025
kali-linux-20253-released-with-10-new-tools-wifi-enhancements

Kali Linux 2025.3 released with 10 new tools, wifi enhancements

nsamag September 24, 2025
two-new-supermicro-bmc-bugs-allow-malicious-firmware-to-evade-root-of-trust-secu

Two New Supermicro BMC Bugs Allow Malicious Firmware to Evade Root of Trust Security

nsamag September 23, 2025
automaker-giant-stellantis-confirms-data-breach-after-salesforce-hack

Automaker giant Stellantis confirms data breach after Salesforce hack

nsamag September 22, 2025
fbi-warns-of-cybercriminals-using-fake-fbi-crime-reporting-portals

FBI warns of cybercriminals using fake FBI crime reporting portals

nsamag September 19, 2025