Summary

Ivanti has disclosed a high-severity vulnerability in its Endpoint Manager Mobile (EPMM) product, identified as CVE-2026-6973. This flaw is currently being exploited in limited attacks, allowing remote code execution by authenticated users with administrative access.

Key Points

• The vulnerability is identified as CVE-2026-6973 with a CVSS score of 7.2.
• It affects Ivanti EPMM versions prior to 12.6.1.1, 12.7.0.1, and 12.8.0.1.
• The issue stems from improper input validation.
• Exploitation allows a remotely authenticated user to execute code with administrative privileges.
• Ivanti has issued a warning about active exploitation in the wild.

Analysis

This vulnerability is significant due to its potential to grant attackers administrative-level access through remote code execution. The fact that it is already being exploited in the wild increases the urgency for affected organizations to apply patches or mitigations. The CVSS score of 7.2 underscores the high risk associated with this flaw, making it a priority for IT security teams.

Conclusion

IT professionals should immediately verify if their systems are running affected versions of Ivanti EPMM and apply the necessary updates to mitigate this vulnerability. Continuous monitoring for any signs of exploitation is also recommended.