📦 Endpoint Manager Mobile
by Ivanti
🔍 What is Endpoint Manager Mobile?
Description coming soon...
🛡️ Security Overview
Click on a severity to filter vulnerabilities
⚠️ Known Vulnerabilities
This critical vulnerability in Ivanti Endpoint Manager Mobile allows unauthenticated attackers to inject malicious code and execute arbitrary commands remotely. All organizations using vulnerable vers...
CVE-2026-1281 is a critical code injection vulnerability in Ivanti Endpoint Manager Mobile (EPMM) that allows unauthenticated attackers to execute arbitrary code remotely. This affects organizations u...
This vulnerability allows an unauthorized attacker on the same network to bypass authentication in Ivanti EPMM's web component and execute arbitrary commands on the underlying operating system. It aff...
This vulnerability allows unauthenticated attackers to impersonate any existing user during device enrollment in Ivanti EPMM (formerly MobileIron Core). It affects EPMM versions 11.10, 11.9, 11.8 and ...
CVE-2023-35082 is an authentication bypass vulnerability in Ivanti EPMM (formerly MobileIron Core) that allows remote unauthenticated attackers to access administrative API endpoints. This affects Iva...
CVE-2023-35078 is an authentication bypass vulnerability in Ivanti Endpoint Manager Mobile (EPMM) that allows unauthenticated attackers to access administrative APIs and functionality. This affects or...
This vulnerability allows authenticated administrators in Ivanti EPMM to execute arbitrary operating system commands through the admin panel, leading to remote code execution. It affects organizations...
This CVE describes an OS command injection vulnerability in Ivanti EPMM admin panel that allows authenticated administrators to execute arbitrary commands on the underlying system. Attackers with admi...
This vulnerability allows authenticated attackers with high privileges in Ivanti Endpoint Manager Mobile (EPMM) to execute arbitrary operating system commands through command injection. Attackers can ...
CVE-2025-6770 is an OS command injection vulnerability in Ivanti Endpoint Manager Mobile (EPMM) that allows authenticated attackers with high privileges to execute arbitrary commands on the server. Th...
This vulnerability allows authenticated attackers to execute arbitrary code on Ivanti Endpoint Manager Mobile (EPMM) systems by sending specially crafted API requests. It affects organizations using I...
This vulnerability allows local authenticated attackers to modify sensitive components in Ivanti EPMM due to insecure permissions. Organizations running Ivanti EPMM versions before 12.1.0.4 are affect...
This authentication bypass vulnerability in Ivanti EPMM allows remote attackers to access sensitive resources without proper credentials. It affects Ivanti Endpoint Manager for Mobile (EPMM) versions ...
An authentication bypass vulnerability in Ivanti Endpoint Manager Mobile's API allows attackers to access protected resources without valid credentials. This affects organizations using Ivanti EPMM ve...
An SQL injection vulnerability in Ivanti EPMM's web component allows authenticated users with appropriate privileges to access or modify database data. This affects EPMM versions before 12.1.0.0. Atta...