Ivanti EPMM CVE-2026-6973 RCE Under Active Exploitation Grants Admin-Level Access
Ivanti is warning that a new security flaw impacting Endpoint Manager Mobile (EPMM) has been explored in limited attacks in the wild. The high-severity vulnerability, CVE-2026-6973 (CVSS score: 7.2), is a case of improper input validation affecting EPMM before versions 12.6.1.1, 12.7.0.1, and 12.8.0
ORIGINAL SOURCE →via The Hacker News
ADVERTISEMENT
⚡ STAY AHEAD
Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.
GET THE SUNDAY BRIEFING →RELATED · cyber
- [CYBER] Wordfence Intelligence Weekly WordPress Vulnerability Report (April 27, 2026 to May 3, 2026)
- [CYBER] Writing Custom SAST Rules for Vulnerabilities Your Scanner Doesn't Cover
- [CYBER] New PCPJack worm steals credentials, cleans TeamPCP infections
- [CYBER] Devices Hacked
- [CYBER] Hackers hack victims hacked by other hackers
- [CYBER] U.S. CISA adds a flaw in Ivanti Endpoint Manager Mobile (EPMM) to its Known Exploited Vulnerabilities catalog