Peter Girnus Peter Girnus

Ivanti EPMM Security Update for July, 2025: Critical OS Command Injection Vulnerabilities

Ivanti's Endpoint Manager Mobile (EPMM) July 8, 2025 security advisory reveals two high-severity OS command injection vulnerabilities in Endpoint Manager Mobile (EPMM) that enable authenticated remote code execution. While exploitation requires administrative privileges, the impact on enterprise mobile device management infrastructure demands immediate patching across all affected version branches.

Read More
Peter Girnus Peter Girnus

Ivanti Security Update for July, 2025: Connect Secure and Policy Secure VPN Appliances

Ivanti's July 8, 2025 security advisory addresses six medium-severity vulnerabilities affecting Connect Secure and Policy Secure VPN appliances. While none show active exploitation, the flaws enable configuration manipulation, credential exposure, and service disruption when exploited by authenticated attackers. Organizations must upgrade to Connect Secure 22.7R2.8 and Policy Secure 22.7R1.5 immediately.

Read More
Peter Girnus Peter Girnus

SAP Security Update - July 2025

SAP's July 2025 Security Patch Day delivers one of the most critical security updates in recent memory, addressing 27 new vulnerabilities with 7 classified as critical severity. The headline vulnerability, CVE-2025-30012, carries the maximum CVSS score of 10.0 and allows unauthenticated remote code execution in SAP Supplier Relationship Management systems.

Read More