OS Command Injection Vulnerability in Ivanti Endpoint Manager Mobile
CVE-2026-10727
7.2HIGH
What is CVE-2026-10727?
An OS command injection vulnerability exists in Ivanti Endpoint Manager Mobile (EPMM) that allows a remote authenticated attacker to execute arbitrary commands with root privileges. This flaw affects versions prior to 12.9.0.1, along with specific releases 12.8.0.3 and 12.7.0.2, posing significant risks to the integrity and security of affected systems.
Affected Version(s)
Endpoint Manager Mobile 12.9.0.1
Endpoint Manager Mobile 12.9.0.1
Endpoint Manager Mobile 12.8.0.3