—–BEGIN PGP SIGNED MESSAGE—–

Hash: SHA256

Access Control Vulnerability in Ivanti Neurons for ITSM

Indian – Computer Emergency Response Team (https://www.cert-in.org.in)

Severity Rating: HIGH

Software Affected

Ivanti Neurons for ITSM (On-Premises) versions 2025.4 and prior

Ivanti Neurons for ITSM (Cloud) versions 2026.1 and prior

Overview

A vulnerability has been reported in Ivanti Neurons for ITSM, which could allow a remote authenticated attacker to gain administrative access on the targeted system.

Target Audience:

IT administrators, IT operations teams and security personnel using Ivanti Neurons for ITSM.

Risk Assessment:

High risk of unauthorized access to sensitive data.

Impact Assessment:

Potential for privilege escalation, data exposure.

Description

Ivanti Neurons for ITSM is an AI-powered IT service management platform that automates workflows, accelerates service delivery, and enhances employee experiences across the enterprise.

A vulnerability has been reported in Ivanti Neurons for ITSM due to improper access control in both cloud and on-premises deployments. An attacker could exploit this vulnerability to gain administrative access by circumventing intended authorization mechanisms.

Successful exploitation of this vulnerability could allow a remote authenticated attacker to gain elevated privileges on the targeted system.

Solution

Apply appropriate updates as mentioned:

https://hub.ivanti.com/s/article/Security-Advisory-Ivanti-Neurons-for-ITSM-CVE-2026-9614?language=en_US

Vendor Information

Ivanti

https://hub.ivanti.com/s/article/Security-Advisory-Ivanti-Neurons-for-ITSM-CVE-2026-9614?language=en_US

References

 

https://hub.ivanti.com/s/article/Security-Advisory-Ivanti-Neurons-for-ITSM-CVE-2026-9614?language=en_US

CVE Name

CVE-2026-9614

– —

Thanks and Regards,

CERT-In

Incident Response Help Desk

e-mail: incident@cert-in.org.in

Phone: +91-11-22902657

Toll Free Number: 1800-11-4949

Toll Free Fax : 1800-11-6969

Web: http://www.cert-in.org.in

PGP Fingerprint: A768 083E 4475 5725 B81A A379 2156 C0C0 B620 D0B4

PGP Key information:

https://www.cert-in.org.in/s2cMainServlet?pageid=CONTACTUS

Postal address:

Indian Computer Emergency Response Team (CERT-In)

Ministry of Electronics and Information Technology

Government of India

Electronics Niketan

6, C.G.O. Complex

New Delhi-110 003

—–BEGIN PGP SIGNATURE—–

iQIzBAEBCAAdFiEE6r4Iam/Ey0c/KakL3jCgcSdcys8FAmohkEwACgkQ3jCgcSdc

ys+5Hw/9FLgbP1RjKsrrflhDHF6ilQRM5Y1VQHPvAs8kpFcqlMq1kJW6e9icVNXI

b3toTOiNr4dSoNcQUu/dmJSdbsZqS+u8/aBc+OgOGAqQ7soE+WENwXj2MGbLdq12

hGoxo+/2t2LEF1t8YSQcK2owB1UfYxaXdiuproaQ2vaRIVdQWR7o+b9b56JNdi+e

DVgEBdaKxrDs5NXR4reo21G4uzVnIpstcDFKskMtuU0+F6Zf2RsV0I8gWpb4/RlA

1aBIVeg3Bpha/yQxgG9VPtXnfVJbjPhlY+aORNqPyYRG/NJpIHsVZLDZtiSCNVC9

2Pe0SfO9ggoxo80xbPeoNx+hPH/4+IHPm9wP/Efh1WHhPwhWr06Ll76W+TrymJkY

oc+ISvW19ddC5HWrHIDwrFvLdnpa2G7bwjAsClE5TgWm5LbdPSfFczWl5FU8tbX6

8UW3cpQeVPClvwkpB7RuUod34556/35BmWEQOHwwj+ODvF68GUCD9NBoWOXaCtb7

Uxmrk1myShNvi4pUMrjhRNBYf14KbCebYmgTHrt0uYfLl6Rzzcloegl9spdx+Q0Q

8s9JNvX1TfQlnBbLR4BvEgJHPg0YSTTgvRUzzLraXXa2rIiQOw7JEs3mxB4+jHXX

pbuaRWQ1tCe6bBN9gHm899O2cHuU0n9Y1yQbSz4d0imdVJDOsOQ=

=ka8I

—–END PGP SIGNATURE—–