ivanti News Articles

CISA gives feds four days to patch Ivanti flaw exploited as zero-day

CISA has given U.S. federal agencies four days to secure their networks against a high-severity vulnerability in Ivanti Endpoint Manager Mobile (EPMM) exploited in zero-day attacks.

2 weeks ago

Ivanti EPMM vulnerability exploited in zero-day attacks (CVE-2026-6973) - IT Security News

Ivanti has released fixes for 5 high-severity vulnerabilities in its Endpoint Manager Mobile (EPMM) solution, one of which (CVE-2026-6973) has being exploited as a zero-day by attackers. “We are aware of a very limited number of customers exploited with CVE-2026-6973,”…Read more →

2 weeks ago

Ivanti EPMM vulnerability exploited in zero-day attacks (CVE-2026-6973) - Help Net Security

Ivanti released fixes for high-severity vulnerabilities in its EPMM solution, one of which (CVE-2026-6973) has being exploited as a zero-day.

2 weeks ago

Ivanti Patches EPMM Zero-Day Exploited in Targeted Attacks

Ivanti has patched CVE-2026-6973, an EPMM zero-day vulnerability that has been exploited in targeted attacks.

2 weeks ago

Ivanti customers confront yet another actively exploited zero-day

Attackers are hitting a frequent target in the network edge space, intruding victim networks through a defect in a widely used mobile endpoint security product.

2 weeks ago

Ivanti EPMM CVE-2026-6973 RCE Under Active Exploitation Grants Admin-Level Access

Ravie LakshmananMay 07, 2026Vulnerability / Network Security

2 weeks ago

New Ivanti EPMM 0-Day Vulnerability Actively Exploited in Attacks - IT Security News

Ivanti has issued a critical security advisory for its Endpoint Manager Mobile (EPMM) product, disclosing multiple actively exploited vulnerabilities, including CVE-2026-6973, and urging all on-premises EPMM customers to apply patches immediately. At the time of disclosure, Ivanti confirmed active e...

2 weeks ago

Ivanti EPMM CVE-2026-6973 RCE Under Active Exploitation Grants Admin-Level Access

Ivanti EPMM flaw CVE-2026-6973 exploited in limited attacks; CISA mandates fixes by May 10, 2026, increasing urgency.

2 weeks ago

New Ivanti EPMM 0-Day Vulnerability Actively Exploited in Attacks

Ivanti has issued a critical security advisory for its Endpoint Manager Mobile (EPMM) product, disclosing multiple actively exploited vulnerabilities, including CVE-2026-6973, and urging all on-premises EPMM customers to apply patches immediately.

2 weeks ago

Ivanti warns of new EPMM flaw exploited in zero-day attacks

Ivanti warned customers today to patch a high-severity remote code execution vulnerability in Endpoint Manager Mobile (EPMM) exploited in zero-day attacks.

2 weeks ago

CISA Warns of Critical Ivanti EPMM Code Injection Vulnerability Exploited in Attacks - IT Security News

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding a critical security flaw in Ivanti Endpoint Manager Mobile (EPMM). The agency recently added this flaw, tracked as CVE-2026-1340, to its Known Exploited Vulnerabilities (KEV) catalog after…Read more →

CISA Warns of Critical Ivanti EPMM Code Injection Vulnerability Exploited in Attacks

CISA warns of an actively exploited CVE-2026-1340 flaw in Ivanti Endpoint Manager Mobile, now added to its KEV catalog.

CISA Issues Warning on Critical Ivanti EPMM Flaw Exploited in Ongoing Attacks - IT Security News

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding a critical security flaw in Ivanti Endpoint Manager Mobile (EPMM). The agency recently added the vulnerability, identified as CVE-2026-1340, to its Known Exploited Vulnerabilities (KEV) catalog after…Rea...

U.S. CISA adds a flaw in Ivanti EPMM to its Known Exploited Vulnerabilities catalog - IT Security News

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Ivanti EPMM to its Known Exploited Vulnerabilities catalog The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a flaw in Ivanti EPMM, tracked as CVE-2026-1340 (CVSS score of 9.8), to…Read more →

CISA orders feds to patch exploited Ivanti EPMM flaw by Sunday

CISA has given U.S. government agencies four days to secure their systems against a critical-severity vulnerability in Ivanti Endpoint Manager Mobile (EPMM) that has been exploited in attacks since January.

CISA warns that RESURGE malware can be dormant on Ivanti devices

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released new details about RESURGE, a malicious implant used in zero-day attacks exploiting CVE-2025-0282 to breach Ivanti Connect Secure devices.

Critical Ivanti EPM Vulnerability Allows Admin Session Hijacking via Stored XSS

Cross-site scripting flaw in Ivanti Endpoint Manager 2024 SU4 and earlier could let attackers steal admin sessions without needing to log in.

CVE-2025-10573: Ivanti EPM Unauth Stored XSS Fixed

Details on CVE-2025-10573 in Ivanti EPM, an unauthenticated stored XSS flaw enabling admin session hijack, plus patch, mitigation, and response steps.

Ivanti Endpoint Manager Vulnerabilities: Update Now to Prevent RCE

Ivanti EPM has critical vulnerabilities, including a 9.6 CVSS XSS flaw. Update now to prevent remote code execution and session hijacking. Learn more.

High-Risk Ivanti EPM Vulnerability Opens Door to Admin Session Hijacking

A critical stored cross-site scripting (XSS) vulnerability in Ivanti Endpoint Manager (EPM) enables unauthenticated attackers to hijack administrator sessions.

Ivanti Security Update: Patch for Code Execution Vulnerabilities in Endpoint Manager

Ivanti has officially released urgent security updates for its Endpoint Manager (EPM) solution to address four distinct security flaws.

CISA Warns of Two Malware Strains Exploiting Ivanti EPMM CVE-2025-4427 and CVE-2025-4428

CISA details attackers exploiting Ivanti EPMM zero-days CVE-2025-4427/4428 in May 2025, enabling persistent remote code execution on vulnerable server

Fixed Ivanti Bugs Still Haunt Japan Orgs 6 Months Later

Chinese threat actors have been feeding off the same Ivanti RCE vulnerabilities we've known about since last year, partly thanks to complications in patching.

Ivanti Zero-Days Exploited to Drop MDifyLoader and Launch In-Memory Cobalt Strike Attacks

Ivanti ICS flaws exploited from Dec 2024–July 2025 to deploy MDifyLoader, Cobalt Strike, and Go tools.

Ivanti Endpoint Manager Mobile Vulnerabilities Let Attackers Execute Remote Code

Ivanti disclosed two high-severity vulnerabilities in its Endpoint Manager Mobile (EPMM) product, which could allow remote attackers to execute code on affected systems.