ivanti News Articles
Recent news articles refferecing the vendors vulnerabilities.
Ivanti Sentry Flaw Triggers CISA's First 3-Day Federal Patch Mandate, Already Exploited
Ivanti Sentry vulnerability patch is mandatory for federal agencies by June 14 under CISA’s BOD 26-04, which replaces flat CVSS deadlines with a four-variable risk model. Attackers backdoored Sentry
3 weeks ago
CISA orders feds to patch actively exploited Ivanti flaw by Sunday
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered government agencies to patch an actively exploited Ivanti Sentry flaw within three days, as mandated by the newly issued Binding Operational Directive (BOD) 26-04.
3 weeks ago
Ivanti Sentry Exploitation Attempts Hitting Honeypots
CVE-2026-10520, a critical-severity vulnerability in Ivanti Sentry, was flagged as exploited based on activity observed on honeypots.
3 weeks ago
Max-Severity Ivanti Sentry Flaw Exploited Within 24 Hours
Initial methods suggest attackers had likely mapped out Ivanti's asset landscape upfront and acted quickly once the exploit became public.
3 weeks ago
TechtimesCVE-2026-10520Ivanti Sentry Actively Exploited: CVSS 10.0 Flaw Backdoors Enterprise Mobile Gateways
Ivanti Sentry vulnerability CVE-2026-10520 is now actively exploited: Shadowserver confirmed backdoored enterprise mobile gateways within 24 hours of a public proof-of-concept exploit release.
3 weeks ago
It Security NewsCVE-2026-10520Ivanti Command Injection Vulnerability Exploited in Attacks Following PoC Release - IT Security News
Threat actors have begun actively exploiting a critical Ivanti Sentry command injection vulnerability just days after a proof-of-concept (PoC) exploit was made public, according to new internet scanning data from the Shadowserver Foundation. The flaw, tracked as CVE-2026-10520, carries a…Read more →
3 weeks ago
CybersecuritynewsCVE-2026-10520Ivanti Command Injection Vulnerability Exploited in Attacks Following PoC Release
Attackers are actively exploiting a critical Ivanti Sentry command injection flaw days after a public PoC exploit was released.
3 weeks ago
Help Net SecurityCVE-2026-10520Critical Ivanti Sentry flaw allows root-level remote code execution (CVE-2026-10520) - Help Net Security
Ivanti has patched two critical Ivanti Sentry vulnerabilities (CVE-2026-10520, CVE-2026-10523) and urged customers to upgrade quickly.
3 weeks ago
Max severity Ivanti Sentry vulnerability now exploited in attacks
Attackers are now targeting a recently patched maximum-severity flaw in Ivanti Sentry, enabling them to execute code with root privileges on Internet-exposed secure mobile gateways.
3 weeks ago
SwapupdateCVE-2026-10520Ivanti, Fortinet, and SAP Release Patches for Multiple Critical Vulnerabilities
Ravie LakshmananJun 10, 2026Vulnerability / Patch Management
3 weeks ago
The Hacker NewsCVE-2026-10520Ivanti, Fortinet, and SAP Release Patches for Multiple Critical Vulnerabilities
Fortinet, Ivanti, and SAP patched critical flaws up to CVSS 10.0, reducing RCE, admin takeover, and data exposure risks.
3 weeks ago
It Security NewsCVE-2026-10520Critical Ivanti Sentry flaw allows root-level remote code execution (CVE-2026-10520) - IT Security News
Ivanti has patched two critical vulnerabilities (CVE-2026-10520 and CVE-2026-10523) in Ivanti Sentry and has urged customers to implement the fix right away. Though the vulnerabilities are not known to be actively exploited, security researchers have already released technical details about…Read mor...
3 weeks ago
Ivanti tells Sentry customers to patch now as critical bugs hit 10.0 and 9.9
Remote, unauthenticated RCE with root privileges is about as bad as it gets
3 weeks ago
Ivanti tells Sentry customers to patch now as critical bugs hit 10.0 and 9.9
Remote, unauthenticated RCE with root privileges is about as bad as it gets
3 weeks ago
CISA gives feds four days to patch Ivanti flaw exploited as zero-day
CISA has given U.S. federal agencies four days to secure their networks against a high-severity vulnerability in Ivanti Endpoint Manager Mobile (EPMM) exploited in zero-day attacks.
It Security NewsCVE-2026-6973Ivanti EPMM vulnerability exploited in zero-day attacks (CVE-2026-6973) - IT Security News
Ivanti has released fixes for 5 high-severity vulnerabilities in its Endpoint Manager Mobile (EPMM) solution, one of which (CVE-2026-6973) has being exploited as a zero-day by attackers. “We are aware of a very limited number of customers exploited with CVE-2026-6973,”…Read more →
Help Net SecurityCVE-2026-6973Ivanti EPMM vulnerability exploited in zero-day attacks (CVE-2026-6973) - Help Net Security
Ivanti released fixes for high-severity vulnerabilities in its EPMM solution, one of which (CVE-2026-6973) has being exploited as a zero-day.
Ivanti Patches EPMM Zero-Day Exploited in Targeted Attacks
Ivanti has patched CVE-2026-6973, an EPMM zero-day vulnerability that has been exploited in targeted attacks.
CyberscoopIvanti customers confront yet another actively exploited zero-day
Attackers are hitting a frequent target in the network edge space, intruding victim networks through a defect in a widely used mobile endpoint security product.
SwapupdateCVE-2026-6973Ivanti EPMM CVE-2026-6973 RCE Under Active Exploitation Grants Admin-Level Access
Ravie LakshmananMay 07, 2026Vulnerability / Network Security
It Security NewsCVE-2026-6973New Ivanti EPMM 0-Day Vulnerability Actively Exploited in Attacks - IT Security News
Ivanti has issued a critical security advisory for its Endpoint Manager Mobile (EPMM) product, disclosing multiple actively exploited vulnerabilities, including CVE-2026-6973, and urging all on-premises EPMM customers to apply patches immediately. At the time of disclosure, Ivanti confirmed active e...
The Hacker NewsCVE-2026-6973Ivanti EPMM CVE-2026-6973 RCE Under Active Exploitation Grants Admin-Level Access
Ivanti EPMM flaw CVE-2026-6973 exploited in limited attacks; CISA mandates fixes by May 10, 2026, increasing urgency.
CybersecuritynewsCVE-2026-6973New Ivanti EPMM 0-Day Vulnerability Actively Exploited in Attacks
Ivanti has issued a critical security advisory for its Endpoint Manager Mobile (EPMM) product, disclosing multiple actively exploited vulnerabilities, including CVE-2026-6973, and urging all on-premises EPMM customers to apply patches immediately.
Ivanti warns of new EPMM flaw exploited in zero-day attacks
Ivanti warned customers today to patch a high-severity remote code execution vulnerability in Endpoint Manager Mobile (EPMM) exploited in zero-day attacks.
It Security NewsCVE-2026-1340CISA Warns of Critical Ivanti EPMM Code Injection Vulnerability Exploited in Attacks - IT Security News
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding a critical security flaw in Ivanti Endpoint Manager Mobile (EPMM). The agency recently added this flaw, tracked as CVE-2026-1340, to its Known Exploited Vulnerabilities (KEV) catalog after…Read more →