Unrated severityCISA KEVNVD Advisory· Published May 13, 2025· Updated Feb 26, 2026
Authentication Bypass
CVE-2025-4427
Description
An authentication bypass in the API component of Ivanti Endpoint Manager Mobile 12.5.0.0 and prior allows attackers to access protected resources without proper credentials via the API.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2<=12.5.0.0+ 1 more
- (no CPE)range: <=12.5.0.0
- (no CPE)range: 12.5.0.1
Patches
Vulnerability mechanics
References
1News mentions
1- Risky Business #792 -- Beware, Coinbase users. Crypto thieves are taking fingers nowRisky Business · May 21, 2025