First published: 14 May 2025
Last updated: 14 May 2025

Content written for

Large organisations & infrastructure
Government

This alert is relevant to large Australian businesses, organisations, and government.

This alert contains a combination of simple and moderately complex technical advice, intended for business owners and technical IT support services.

Background

ASD’s ACSC is tracking 2 vulnerabilities in Ivanti EPMM:

  • CVE-2025-4427: Medium severity Authentication Bypass
  • CVE-2025-4428: High severity Remote Code Execution

When chained together, these vulnerabilities can provide unauthenticated attackers Remote Code Execution.

All versions of Ivanti EPMM prior to and including 12.5.0.0 are vulnerable.

Mitigation advice

Australian organisations should review their networks for the use of Ivanti EPMM and apply the latest patches available through Ivanti’s download portal.

Organisations should review Ivanti’s advisory for mitigation advice until they are able to implement the required patches. Ivanti has provided Analysis Guidance as part of this advisory to assist organisations in determining any active exploitation.

Where to get help

Organisations that have been impacted, suspect impact or require advice and assistance can contact us via 1300 CYBER1 (1300 292 371).

Was this helpful?
Yes this was helpful
No this was not helpful

Thanks for your feedback!

We welcome additional feedback below.

Was this information easy to understand?
Will you take action after reading this?
Did you find the information you were looking for?
Did the design and layout of this page meet your expectations?