Cybersecurity and Infrastructure Security Agency (CISA) has added two critical zero-day vulnerabilities affecting Ivanti Endpoint Manager Mobile (EPMM) to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The flaws CVE-2025-4427 and CVE-2025-4428 enable authentication bypass and remote code execution, respectively, and stem from insecure implementations of widely used open-source […] The post CISA Adds Actively Exploited Ivanti EPMM Zero-Day to KEV Catalog appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
First seen on gbhackers.com
Jump to article: gbhackers.com/ivanti-epmm-zero-day-to-kev-catalog/
