Ivanti Fixes Two Vulnerabilities in EPMM Software Exploited in Limited Attacks

Ivanti has corrected two vulnerabilities in its Endpoint Manager Mobile (EPMM) software that have been exploited in limited attacks. The flaws, identified under the numbers CVE-2025-4427 and another unspecified one, allow attackers to execute code remotely by combining them. Ivanti has released security updates to address these issues. The attacks have been confirmed by the company, but their scope remains limited.