CISA Warns of Two Malware Strains Exploiting Ivanti EPMM CVE-2025-4427 and CVE-2025-4428
What’s new
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has reported the discovery of two malware strains exploiting vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM), specifically CVE-2025-4427 and CVE-2025-4428. These vulnerabilities were exploited to gain unauthorized access and execute arbitrary code on compromised servers.
Who’s affected
Organizations using Ivanti EPMM are at risk, particularly those that have not updated their systems since the vulnerabilities were disclosed in May 2025.
What to do
- Update Ivanti EPMM to the latest version to mitigate the vulnerabilities.
- Monitor for signs of suspicious activity on affected systems.
- Implement access restrictions to prevent unauthorized access to mobile device management (MDM) systems.