Ivanti Endpoint Manager Mobile
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Ivanti Endpoint Manager Mobile.
By the Year
In 2025 there have been 0 vulnerabilities in Ivanti Endpoint Manager Mobile. Last year, in 2024 Endpoint Manager Mobile had 6 security vulnerabilities published. Right now, Endpoint Manager Mobile is on track to have less security vulnerabilities in 2025 than it did last year.
Year | Vulnerabilities | Average Score |
---|---|---|
2025 | 0 | 0.00 |
2024 | 6 | 7.85 |
2023 | 5 | 9.14 |
2022 | 0 | 0.00 |
2021 | 0 | 0.00 |
2020 | 0 | 0.00 |
2019 | 0 | 0.00 |
2018 | 0 | 0.00 |
It may take a day or so for new Endpoint Manager Mobile vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Ivanti Endpoint Manager Mobile Security Vulnerabilities
Insecure permissions in Ivanti EPMM before 12.1.0.4
CVE-2024-7612
7.8 - High
- October 08, 2024
Insecure permissions in Ivanti EPMM before 12.1.0.4 allow a local authenticated attacker to modify sensitive application components.
Incorrect Permission Assignment for Critical Resource
Insufficient verification of authentication controls in EPMM prior to 12.1.0.1
CVE-2024-36132
7.5 - High
- August 07, 2024
Insufficient verification of authentication controls in EPMM prior to 12.1.0.1 allows a remote attacker to bypass authentication and access sensitive resources.
authentification
An insecure deserialization vulnerability in web component of EPMM prior to 12.1.0.1
CVE-2024-36131
8.8 - High
- August 07, 2024
An insecure deserialization vulnerability in web component of EPMM prior to 12.1.0.1 allows an authenticated remote attacker to execute arbitrary commands on the underlying operating system of the appliance.
Marshaling, Unmarshaling
An insufficient authorization vulnerability in web component of EPMM prior to 12.1.0.1
CVE-2024-36130
9.8 - Critical
- August 07, 2024
An insufficient authorization vulnerability in web component of EPMM prior to 12.1.0.1 allows an unauthorized attacker within the network to execute arbitrary commands on the underlying operating system of the appliance.
authentification
An improper authentication vulnerability in web component of EPMM prior to 12.1.0.1
CVE-2024-34788
6.5 - Medium
- August 07, 2024
An improper authentication vulnerability in web component of EPMM prior to 12.1.0.1 allows a remote malicious user to access potentially sensitive information
authentification
A local privilege escalation vulnerability in EPMM before 12.1.0.0
CVE-2024-22026
6.7 - Medium
- May 22, 2024
A local privilege escalation vulnerability in EPMM before 12.1.0.0 allows an authenticated local user to bypass shell restriction and execute arbitrary commands on the appliance.
A security vulnerability in EPMM Versions 11.10, 11.9 and 11.8 older
CVE-2023-39337
9.1 - Critical
- November 15, 2023
A security vulnerability in EPMM Versions 11.10, 11.9 and 11.8 older allows a threat actor with knowledge of an enrolled device identifier to access and extract sensitive information, including device and environment configuration details, as well as secrets. This vulnerability poses a serious security risk, potentially exposing confidential data and system integrity.
A security vulnerability has been identified in EPMM Versions 11.10, 11.9 and 11.8 and older
CVE-2023-39335
9.8 - Critical
- November 15, 2023
A security vulnerability has been identified in EPMM Versions 11.10, 11.9 and 11.8 and older allowing an unauthenticated threat actor to impersonate any existing user during the device enrollment process. This issue poses a significant security risk, as it enables unauthorized access and potential misuse of user accounts and resources.
An authentication bypass vulnerability in Ivanti EPMM 11.10 and older
CVE-2023-35082
9.8 - Critical
- August 15, 2023
An authentication bypass vulnerability in Ivanti EPMM 11.10 and older, allows unauthorized users to access restricted functionality or resources of the application without proper authentication. This vulnerability is unique to CVE-2023-35078 announced earlier.
authentification
A path traversal vulnerability in Ivanti EPMM versions (11.10.x < 11.10.0.3, 11.9.x < 11.9.1.2 and 11.8.x < 11.8.1.2)
CVE-2023-35081
7.2 - High
- August 03, 2023
A path traversal vulnerability in Ivanti EPMM versions (11.10.x < 11.10.0.3, 11.9.x < 11.9.1.2 and 11.8.x < 11.8.1.2) allows an authenticated administrator to write arbitrary files onto the appliance.
Directory traversal
An authentication bypass vulnerability in Ivanti EPMM
CVE-2023-35078
9.8 - Critical
- July 25, 2023
An authentication bypass vulnerability in Ivanti EPMM allows unauthorized users to access restricted functionality or resources of the application without proper authentication.
authentification
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Ivanti Endpoint Manager Mobile or by Ivanti? Click the Watch button to subscribe.