BugCrowd Bug Bounty Disclosure: P2 – Unauthenticated Remote Code Execution (CVE-2025-4428) – Ironsoul74

May 22, 2025
Unauthenticated Remote Code Execution (CVE-2025-4428)

Unauthenticated Remote Code Execution (CVE-2025-4428)

Researcher: Ironsoul74
Engagement: Unisys Vulnerability Disclosure Engagement
Disclosed at: 2025-05-22T06:59:01Z
Priority: P2
Status: Resolved

Summary

One of the Unisys-owned domains was found to be vulnerable to CVE-2025-4428, a high-severity remote code execution (RCE) vulnerability affecting Ivanti Endpoint Manager Mobile. The affected domain was accessible without any prior authentication, potentially allowing an attacker to execute arbitrary code on the target system. This vulnerability has a CVSS score of 7.2 (High), indicating a significant security risk if exploited.

Activity Feed

Actor Details Timestamp (UTC)
a Crowdcontrol user a Crowdcontrol user published 2025-05-22T06:59:01Z
a Crowdcontrol user a Crowdcontrol user updated 2025-05-22T06:54:27Z
Tal_Bugcrowd Tal_Bugcrowd resolved a blocker for 2025-05-21T10:25:58Z
Ironsoul74 Ironsoul74 requested 2025-05-21T08:04:01Z
a Crowdcontrol user a Crowdcontrol user changed the state to to resolved 2025-05-21T07:43:27Z
a Crowdcontrol user a Crowdcontrol user sent a: message 2025-05-21T07:43:20Z
Ironsoul74 Ironsoul74 sent a: message 2025-05-21T07:29:52Z
a Crowdcontrol user a Crowdcontrol user changed the state to to unresolved 2025-05-21T06:19:27Z
a Crowdcontrol user a Crowdcontrol user sent a: message 2025-05-21T06:19:16Z
Ironsoul74 Ironsoul74 sent a: message 2025-05-20T11:08:12Z
a Crowdcontrol user a Crowdcontrol user changed the severity to 2025-05-20T08:48:59Z
a Crowdcontrol user a Crowdcontrol user created a blocker on 2025-05-20T08:47:54Z
a Crowdcontrol user a Crowdcontrol user resolved a blocker for 2025-05-20T08:47:53Z
a Crowdcontrol user a Crowdcontrol user sent a: message 2025-05-20T08:47:52Z
Ironsoul74 Ironsoul74 sent a: message 2025-05-20T01:47:34Z
mehmet_bugcrowd mehmet_bugcrowd sent a: message 2025-05-19T23:53:05Z
mehmet_bugcrowd mehmet_bugcrowd created a blocker on 2025-05-19T23:52:58Z
Ironsoul74 Ironsoul74 resolved a blocker for 2025-05-17T21:46:44Z
Ironsoul74 Ironsoul74 sent a: message 2025-05-17T21:46:43Z
Tal_Bugcrowd Tal_Bugcrowd created a blocker on 2025-05-17T19:41:53Z
Tal_Bugcrowd Tal_Bugcrowd sent a: message 2025-05-17T19:41:48Z
Ironsoul74 Ironsoul74 created the submission 2025-05-17T15:09:21Z

A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.

If you like the site, please support us on “Patreon” or “Buy Me A Coffee” using the buttons below

Buy Me A Coffee
Patreon

To keep up to date follow us on the below channels.

Tags: , ,

You may have missed

image

CVE Alert: CVE-2025-48069

May 22, 2025
image

CVE Alert: CVE-2025-5033

May 22, 2025
image

CVE Alert: CVE-2025-5020

May 22, 2025
image

CVE Alert: CVE-2025-4416

May 22, 2025
image

CVE Alert: CVE-2025-48064

May 22, 2025