KEV Entry
CVE-2025-4427
Known Exploited Vulnerability Entry ENISA
Entry Details
Confirmed Exploited2026-04-08 00:00 UTC
Timestamps
2026-04-08
2026-04-08
Scope
Affected: Ivanti / Endpoint Manager Mobile (EPMM) | Description: Medium severity vulnerability. Successful exploitation may lead to unauthenticated remote code execution when chained together with CVE-2025-4428. | Exploitation type: APT | Threat actors: unknown | CWEs: CWE-288 | Origin source: cnw | Notes: https://ccb.belgium.be/advisories/warning-actively-exploited-zero-day-vulnerabilities-ivanti-endpoint-manager-mobile-epmm
References
- {'id': 'CVE-2025-4427', 'url': 'https://www.cve.org/CVERecord?id=CVE-2025-4427'}
- {'id': 'EUVD-2025-14388', 'url': 'https://euvd.enisa.europa.eu/vulnerability/EUVD-2025-14388'}
- {'id': 'source', 'url': 'https://ccb.belgium.be/advisories/warning-actively-exploited-zero-day-vulnerabilities-ivanti-endpoint-manager-mobile-epmm'}
86a07958-6869-455d-a95f-2d0bedd78001
ENISA
cce329bf-df49-4c6e-a027-80be2e6483bd
2026-06-05 16:59 UTC
2026-06-05 16:59 UTC
Evidence
1| Type | Source | Signal | Confidence | Details | GCVE Metadata |
|---|---|---|---|---|---|
| csirt_report | enisa-cnw-kev | successful_exploitation | 0.75 |
View details
|
- |