Ivanti has issued an urgent warning regarding a high-severity remote code execution (RCE) vulnerability, tracked as CVE-2026-6973, in its Endpoint Manager Mobile (EPMM) product. The flaw stems from improper input validation and is currently being exploited in limited zero-day attacks. While successful exploitation requires administrative privileges, the vulnerability poses a significant risk to on-premises installations of EPMM versions 12.8.0.0 and earlier.
In addition to the zero-day, Ivanti patched four other high-severity vulnerabilities that could lead to unauthorized administrative access or information disclosure. Organizations are advised to update to the latest patched versions (12.6.1.1, 12.7.0.1, or 12.8.0.1) immediately and rotate administrative credentials. This advisory follows a series of previous EPMM exploits that have targeted government agencies globally, prompting extensive scrutiny from security agencies like CISA.
Top comments (0)