Authentication bypass using an alternate path or channel in Endpoint Manager Mobile (formerly MobileIron Core) - CVE-2025-4427
Published: May 13, 2025 / Updated: June 4, 2025
Vulnerability identifier: #VU109035
CSH Severity: Critical
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Red
CVE-ID: CVE-2025-4427
CWE-ID: CWE-288
Exploitation vector: Remote access
Exploit availability:
The vulnerability is being exploited in the wild
Vendor: Ivanti
Affected software:
Endpoint Manager Mobile (formerly MobileIron Core)
Endpoint Manager Mobile (formerly MobileIron Core)
Detailed vulnerability description
The vulnerability allows a remote attacker to bypass authentication process.
The vulnerability exists due to incorrect authentication checks. A remote non-authenticated attacker can bypass authentication process and gain access to sensitive information. The obtained information can be used to compromise the affected system.
Note, the vulnerability is being actively exploited in the wild.
How to mitigate CVE-2025-4427
Install updates from vendor's website.