Summary

Ivanti disclosed five high-severity vulnerabilities in its Endpoint Manager Mobile platform, including an actively exploited zero-day (CVE-2026-6973) that allows remote code execution.

Take Action:

If you are running Ivanti Endpoint Manager Mobile (EPMM), it’s time for an emergency patch. There are five new high-severity vulnerabilities, and one is already being actively exploited. If possible isolate its management interface from the public internet. Patch to the latest version today and rotate all administrative credentials to block attackers who may have already gained a foothold.

Read the full article on BeyondMachines

This article was originally published on BeyondMachines