
[CIVN-2026-0224] Multiple Vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM)
Indian – Computer Emergency Response Team (https://www.cert-in.org.in)
Severity Rating: HIGH
Software Affected
Ivanti EPMM versions prior to 12.6.1.1
Ivanti EPMM versions prior to 12.7.1.1
Ivanti EPMM versions prior to 12.8.1.1
Overview
Multiple vulnerabilities have been reported in Ivanti Endpoint Manager Mobile (EPMM) which could be exploited by a remote attacker to execute arbitrary code, gain unauthorized access, escalate privileges, impersonate trusted Sentry hosts, obtain valid client certificates, or compromise affected systems.
Target Audience:
IT administrators, cybersecurity teams, and organizations using Ivanti EPMM.
Risk Assessment:
High risk of remote compromise, unauthorized access, and enterprise mobile infrastructure takeover.
Impact Assessment:
Potential compromise of enterprise mobile device management infrastructure and sensitive corporate data.
Description
Ivanti Endpoint Manager Mobile (EPMM) is an enterprise mobile device management (MDM/UEM) solution used to secure, manage, and monitor mobile devices and applications across organizations.
These vulnerabilities exist in Ivanti Endpoint Manager Mobile (EPMM) due to improper input validation, improper certificate validation, or access control issues. A remote attacker could exploit these vulnerabilities by sending specially crafted requests to the target system.
Successful exploitation could allow the attacker to execute arbitrary code, gain unauthorized access, escalate privileges, impersonate trusted Sentry hosts, obtain valid client certificates, or compromise the enterprise mobile management infrastructure.
Note: CVE-2026-6973 is an improper input validation vulnerability in Ivanti EPMM that could allow an authenticated remote attacker to execute arbitrary code on the target system. This vulnerability is being exploited in the wild. Users are advised to apply the latest patches immediately.
Solution
Apply appropriate security updates as mentioned in
https://hub.ivanti.com/s/article/May-2026-Security-Advisory-Ivanti-Endpoint-Manager-Mobile-EPMM-Multiple-CVEs?language=en_US
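To find which EPMM instances still need the update, the fixed builds listed under "Software Affected" can be checked against an inventory. The following is an added example, not part of the CERT-In advisory or Ivanti's tooling. It assumes each "prior to" line applies to the release branch (major.minor) of the fixed build it names, and the host names and installed versions are constructed sample data.

```python
import re

# Fixed builds from "Software Affected", keyed by release branch (major, minor).
# Assumption: each "prior to X" line covers the branch that X belongs to.
FIXED = {(12, 6): (12, 6, 1, 1), (12, 7): (12, 7, 1, 1), (12, 8): (12, 8, 1, 1)}


def parse_version(text):
    """Parse 'a.b[.c[.d]]' into a 4-tuple of ints, padding missing parts with 0."""
    m = re.fullmatch(r"\s*(\d+(?:\.\d+){1,3})\s*", text)
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    parts = [int(p) for p in m.group(1).split(".")]
    return tuple(parts + [0] * (4 - len(parts)))


def triage(version_text):
    """Return (status, detail); status is 'patched', 'vulnerable' or 'review'."""
    try:
        v = parse_version(version_text)
    except ValueError as exc:
        return "review", str(exc)
    branch = v[:2]
    fixed = FIXED.get(branch)
    if fixed is not None:
        target = ".".join(map(str, fixed))
        if v >= fixed:
            return "patched", f"at or above {target}"
        return "vulnerable", f"update to {target} or later"
    if branch < min(FIXED):
        # Older than every listed branch: no in-branch fix appears in the advisory.
        return "vulnerable", "branch predates all fixed builds; move to a fixed branch"
    return "review", "branch not listed in the advisory; check the vendor advisory"


if __name__ == "__main__":
    # Constructed inventory: host name -> version reported by the instance.
    inventory = {
        "epmm-01.example.internal": "12.6.1.0",
        "epmm-02.example.internal": "12.7.1.1",
        "epmm-03.example.internal": "12.5.0.2",
        "epmm-04.example.internal": "unknown",
    }
    for host, version in sorted(inventory.items()):
        status, detail = triage(version)
        print(f"{host:28} {version:10} {status:10} {detail}")
```

Hosts reported as "review" have a version string the script could not classify and should be checked by hand against the vendor advisory.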
Vendor Information
Ivanti
https://hub.ivanti.com/s/?language=en_US
References
https://hub.ivanti.com/s/article/May-2026-Security-Advisory-Ivanti-Endpoint-Manager-Mobile-EPMM-Multiple-CVEs?language=en_US
CVE Name
CVE-2026-5786
CVE-2026-5787
CVE-2026-5788
CVE-2026-6973
CVE-2026-7821
Thanks and Regards,
CERT-In
Incident Response Help Desk
e-mail: incident@cert-in.org.in
Phone: +91-11-22902657
Toll Free Number: 1800-11-4949
Toll Free Fax: 1800-11-6969
Web: http://www.cert-in.org.in
PGP Fingerprint: A768 083E 4475 5725 B81A A379 2156 C0C0 B620 D0B4
PGP Key information:
https://www.cert-in.org.in/s2cMainServlet?pageid=CONTACTUS
Postal address:
Indian Computer Emergency Response Team (CERT-In)
Ministry of Electronics and Information Technology
Government of India
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003


