Ivanti disclosed two critical vulnerabilities, identified as CVE-2025-4427 and CVE-2025-4428, affecting Ivanti Endpoint Manager Mobile (EPMM) version 12.5.0.0 and earlier.
These flaws, when chained together, allow unauthenticated remote code execution (RCE) on internet-facing systems, posing a severe risk to enterprise security
https://gbhackers.com/chinese-nexus-hac ... it-ivanti/