1. Forum
  2. tqwNet
  3. TQW GENTECH

  • These two Ivanti bugs are allowing hackers to target cloud instan

    From TechnologyDaily@1337:1/100 to All on Wednesday, May 21, 2025 13:30:09
    These two Ivanti bugs are allowing hackers to target cloud instances - so patch now

    Date:
    Wed, 21 May 2025 12:22:00 +0000

    Description:
    Separately, they're not critical. Chained, the two flaws are highly dangerous.

    FULL STORY ======================================================================New research points to flaws used in targets against cloud instances The flaws were previously found in on-prem attacks Ivanti released a patch so apply it now

    Two bugs affecting Ivantis Endpoint Manager Mobile (EPMM), which were discovered and patched in mid-May, are still being abused in real-life attacks. In fact, they are now targeting cloud instances, as well.

    This is according to cybersecurity researchers Wiz, who published a new
    report recently, detailing the new findings.

    Wiz Research has observed ongoing exploitation of these vulnerabilities in-the-wild targeting exposed and vulnerable EPMM instances in cloud environments since May 16th, 2025, coinciding with the publication of POCs by several sources including watchTowr and ProjectDiscovery, the researchers
    said in their report.

    60% off for Techradar readers

    With Aura's parental control software, you can filter, block, and monitor websites and apps, set screen time limits. Parents will also receive breach alerts, Dark Web monitoring, VPN protection, and antivirus.

    Preferred partner ( What does this mean? ) View Deal CISA added the flaws to KEV

    The bugs in question are an authentication bypass flaw, and a post-authentication remote code execution (RCE) flaw. They are tracked as CVE-2025-4427, and CVE-2025-4428, and neither was given a critical severity score. While neither of these vulnerabilities have been assigned critical severity, in combination they should certainly be treated as critical, Wiz added.

    Ivanti addressed the vulnerabilities in a patch released in mid-May this year and warned, in a security advisory, of ongoing attacks.

    We are aware of a very limited number of customers whose solution has been exploited at the time of disclosure, the company said at the time. To address the issue, users should install Ivanti Endpoint Manager Mobile 11.12.0.5, 12.3.0.2, 12.4.0.2, or 12.5.0.1.

    Initially, Ivanti thought the issue only affected on-prem EPMM products. It
    is not present in Ivanti Neurons for MDM, Ivanti's cloud-based unified endpoint management solution, Ivanti Sentry, or any other Ivanti products," the company explained. "We urge all customers using the on-prem EPMM product to promptly install the patch."

    In the meantime, CISA added the two bugs to its Known Exploited Vulnerabilities (KEV), giving Federal Civilian Executive Branch (FCEB) agencies a deadline to patch up. No threat actors claimed responsibility for any of the attacks so far.

    Via The Register You might also like Security flaw in popular stalkerware apps is exposing phone data of millions Take a look at our guide to the best authenticator app We've rounded up the best password managers



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/these-two-ivanti-bugs-are-allowing-hack ers-to-target-cloud-instances-so-patch-now


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)