Ivanti Patches EPMM Zero-Day Exploited in Targeted Attacks

https://www.securityweek.com/ivanti-patches-epmm-zero-day-exploited-in-targeted-attacks/

Publish Date: 2026-05-08 01:41:30

Summary:

Ivanti released its May 2026 security updates for the Endpoint Manager Mobile (EPMM) product, addressing five vulnerabilities including a zero-day exploit tracked as CVE-2026-6973, which is being actively exploited in targeted attacks. The flaw allows an authenticated attacker with admin privileges to perform remote code execution, posing a serious risk to affected implementations. Ivanti has reported that only a very limited number of customers are being targeted with this vulnerability. Rotating credentials, as recommended earlier for other vulnerabilities, reduces the risk associated with this flaw. Four other vulnerabilities patched—CVE-2026-5786, CVE-2026-5787, CVE-2026-5788, and CVE-2026-7821—also cover various attack vectors such as privilege escalation and information disclosure but have not been exploited in the wild. Notably, the cybersecurity community suspects Chinese threat actors might be behind the zero-day attacks targeting Ivanti’s flaws. The Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2026-6973 to its Known Exploited Vulnerabilities catalog, directing federal agencies to mitigate this risk by May 10.

Key Points:

Ivanti published security updates to patch five vulnerabilities, one of which is a zero-day actively exploited (CVE-2026-6973).
The vulnerability involves an improper input validation issue that allows for remote code execution by authenticated attackers with admin privileges.
Affected customers are reportedly a very small subset, emphasizing a targeted exploitation.
Recommendations for credential rotation, as applied to earlier vulnerabilities, can mitigate risks linked to the zero-day.
Four additional vulnerabilities were patched but have not seen active exploit attempts in the wild.

Ivanti Patches EPMM Zero-Day Exploited in Targeted Attacks

USARPAC’s 1st TIAD Strengthens Cyber Readiness, Partnerships During Marara 26 | Article

Automotive Cybersecurity News Q1 2026 – Vehicle Vulnerabilities Double Year-on-Year And Hackers “Brick” Thousands of Cars | Press Releases

Project Glasswing: Key cybersecurity agencies set to get access to Anthropic’s Mythos | Business News

Tabuga and Chile’s National Center for Artificial Intelligence br

Wall Street HALO Beckons Investors Trying to Ward Off AI-Driven Losses

The most powerful AI stories right now are not chatbots. They are the quiet algorithms reading burnt Roman scrolls, trawling through millions of galaxies, and finding things hidden in data no human team could ever finish searching.

Forget Palantir Stock at $140 per Share. Buy This Artificial Intelligence (AI) Chip ETF Instead.

USARPAC’s 1st TIAD Strengthens Cyber Readiness, Partnerships During Marara 26 | Article

More Stories

You may have missed