Known vulnerabilities in Ivanti Endpoint Manager Mobile (formerly MobileIron Core)

[]

Known vulnerabilities in Ivanti Endpoint Manager Mobile (formerly MobileIron Core)

Vendor: Ivanti

Website: https://www.ivanti.com/

Total Security Bulletins: 14

Security bulletins (14)

Secuity bulletin	Severity	Status	Published
SB2026012972: Two remote code execution vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM)	Critical	Patched Exploited	29.01.2026
SB2025101498: Multiple vulnerabilities in Invanti Endpoint Manager Mobile	Low	Patched	14.10.2025
SB2025070870: Two privilege escalation vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM)	Low	Patched	08.07.2025
SB2025051355: Remote code execution in Ivanti Endpoint Manager Mobile (EPMM)	Critical	Patched Exploited	13.05.2025
SB2024101120: Privilege escalation in Ivanti Endpoint Manager Mobile (EPMM)	Low	Patched	11.10.2024
SB2024071823: Multiple vulnerabilities in Ivanti Endpoint Manager for Mobile	High	Patched	18.07.2024
SB2024052308: Multiple vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM)	Low	Patched Public exploit	23.05.2024
SB2024010550: Improper authentication in Ivanti Endpoint Manager Mobile	High	Patched	05.01.2024
SB2023080417: Improper Authentication in Ivanti Endpoint Manager Mobile	High	Patched	04.08.2023
SB2023080345: Authentication bypass in Ivanti Endpoint Manager Mobile API	High	Patched Exploited	03.08.2023
SB2023072907: Arbitrary file overwrite in Ivanti Endpoint Manager Mobile	High	Patched Exploited	29.07.2023
SB2023072510: Authentication bypass in Ivanti Endpoint Manager Mobile (formerly MobileIron Core)	Critical	Patched Exploited	25.07.2023
SB2021122108: Remote code execution in MobileIron Core (Apache Log4j component)	Critical	Not patched Exploited	21.12.2021
SB2020070742: Multiple vulnerabilities in MobileIron Core and Connector	High	Patched Exploited	07.07.2020