Endpoint Manager Mobile Ivanti Endpoint Manager Mobile

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in Ivanti Endpoint Manager Mobile.

By the Year

In 2025 there have been 0 vulnerabilities in Ivanti Endpoint Manager Mobile. Last year, in 2024 Endpoint Manager Mobile had 6 security vulnerabilities published. Right now, Endpoint Manager Mobile is on track to have less security vulnerabilities in 2025 than it did last year.

Year Vulnerabilities Average Score
2025 0 0.00
2024 6 7.85
2023 5 9.14
2022 0 0.00
2021 0 0.00
2020 0 0.00
2019 0 0.00
2018 0 0.00

It may take a day or so for new Endpoint Manager Mobile vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Ivanti Endpoint Manager Mobile Security Vulnerabilities

Insecure permissions in Ivanti EPMM before 12.1.0.4

CVE-2024-7612 7.8 - High - October 08, 2024

Insecure permissions in Ivanti EPMM before 12.1.0.4 allow a local authenticated attacker to modify sensitive application components.

Incorrect Permission Assignment for Critical Resource

Insufficient verification of authentication controls in EPMM prior to 12.1.0.1

CVE-2024-36132 7.5 - High - August 07, 2024

Insufficient verification of authentication controls in EPMM prior to 12.1.0.1 allows a remote attacker to bypass authentication and access sensitive resources.

authentification

An insecure deserialization vulnerability in web component of EPMM prior to 12.1.0.1

CVE-2024-36131 8.8 - High - August 07, 2024

An insecure deserialization vulnerability in web component of EPMM prior to 12.1.0.1 allows an authenticated remote attacker to execute arbitrary commands on the underlying operating system of the appliance.

Marshaling, Unmarshaling

An insufficient authorization vulnerability in web component of EPMM prior to 12.1.0.1

CVE-2024-36130 9.8 - Critical - August 07, 2024

An insufficient authorization vulnerability in web component of EPMM prior to 12.1.0.1 allows an unauthorized attacker within the network to execute arbitrary commands on the underlying operating system of the appliance.

authentification

An improper authentication vulnerability in web component of EPMM prior to 12.1.0.1

CVE-2024-34788 6.5 - Medium - August 07, 2024

An improper authentication vulnerability in web component of EPMM prior to 12.1.0.1 allows a remote malicious user to access potentially sensitive information

authentification

A local privilege escalation vulnerability in EPMM before 12.1.0.0

CVE-2024-22026 6.7 - Medium - May 22, 2024

A local privilege escalation vulnerability in EPMM before 12.1.0.0 allows an authenticated local user to bypass shell restriction and execute arbitrary commands on the appliance.

A security vulnerability in EPMM Versions 11.10, 11.9 and 11.8 older

CVE-2023-39337 9.1 - Critical - November 15, 2023

A security vulnerability in EPMM Versions 11.10, 11.9 and 11.8 older allows a threat actor with knowledge of an enrolled device identifier to access and extract sensitive information, including device and environment configuration details, as well as secrets. This vulnerability poses a serious security risk, potentially exposing confidential data and system integrity.

A security vulnerability has been identified in EPMM Versions 11.10, 11.9 and 11.8 and older

CVE-2023-39335 9.8 - Critical - November 15, 2023

A security vulnerability has been identified in EPMM Versions 11.10, 11.9 and 11.8 and older allowing an unauthenticated threat actor to impersonate any existing user during the device enrollment process. This issue poses a significant security risk, as it enables unauthorized access and potential misuse of user accounts and resources.

An authentication bypass vulnerability in Ivanti EPMM 11.10 and older

CVE-2023-35082 9.8 - Critical - August 15, 2023

An authentication bypass vulnerability in Ivanti EPMM 11.10 and older, allows unauthorized users to access restricted functionality or resources of the application without proper authentication. This vulnerability is unique to CVE-2023-35078 announced earlier.

authentification

A path traversal vulnerability in Ivanti EPMM versions (11.10.x < 11.10.0.3, 11.9.x < 11.9.1.2 and 11.8.x < 11.8.1.2)

CVE-2023-35081 7.2 - High - August 03, 2023

A path traversal vulnerability in Ivanti EPMM versions (11.10.x < 11.10.0.3, 11.9.x < 11.9.1.2 and 11.8.x < 11.8.1.2) allows an authenticated administrator to write arbitrary files onto the appliance.

Directory traversal

An authentication bypass vulnerability in Ivanti EPMM

CVE-2023-35078 9.8 - Critical - July 25, 2023

An authentication bypass vulnerability in Ivanti EPMM allows unauthorized users to access restricted functionality or resources of the application without proper authentication.

authentification

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Ivanti Endpoint Manager Mobile or by Ivanti? Click the Watch button to subscribe.

Ivanti
Vendor

subscribe