James Turner
@cisolens.com
Infosec/cyber industry analyst. Founder of CISO Lens, the strategic ISAC of Australia & New Zealand.
From ACSC:
CVE-2025-4427: Medium severity Authentication Bypass
CVE-2025-4428: High severity Remote Code Execution
When chained together, these vulnerabilities can provide unauthenticated attackers Remote Code Execution.
All versions of Ivanti EPMM prior to and including 12.5.0.0 are vulnerable.
CVE-2025-4427: Medium severity Authentication Bypass
CVE-2025-4428: High severity Remote Code Execution
When chained together, these vulnerabilities can provide unauthenticated attackers Remote Code Execution.
All versions of Ivanti EPMM prior to and including 12.5.0.0 are vulnerable.
May 13, 2025 at 10:43 PM
From ACSC:
CVE-2025-4427: Medium severity Authentication Bypass
CVE-2025-4428: High severity Remote Code Execution
When chained together, these vulnerabilities can provide unauthenticated attackers Remote Code Execution.
All versions of Ivanti EPMM prior to and including 12.5.0.0 are vulnerable.
CVE-2025-4427: Medium severity Authentication Bypass
CVE-2025-4428: High severity Remote Code Execution
When chained together, these vulnerabilities can provide unauthenticated attackers Remote Code Execution.
All versions of Ivanti EPMM prior to and including 12.5.0.0 are vulnerable.
Reposted by James Turner
Literally my response starting a couple of years ago to any query on "how can we use AI?" was to hand them our data classification policy and remind them that AI systems were 3rd parties.
May 1, 2025 at 4:53 AM
Literally my response starting a couple of years ago to any query on "how can we use AI?" was to hand them our data classification policy and remind them that AI systems were 3rd parties.
I’m assuming you’re already familiar with the word, petrichor?
January 8, 2025 at 10:51 PM
I’m assuming you’re already familiar with the word, petrichor?