Ivanti warned customers to patch CVE-2026-6973, a high-severity remote code execution flaw in Endpoint Manager Mobile (EPMM) that has been exploited in zero-day attacks and affects EPMM 12.8.0.0 and earlier. The company also released fixes for four other high-severity EPMM issues and advised administrators to review and rotate privileged credentials where needed. #Ivanti #CVE-2026-6973 #EPMM #CISA
Keypoints
- Ivanti disclosed CVE-2026-6973, a high-severity EPMM remote code execution vulnerability.
- The flaw can let authenticated attackers with admin privileges execute arbitrary code.
- Ivanti said limited zero-day exploitation of CVE-2026-6973 has been observed.
- Customers should upgrade to EPMM 12.6.1.1, 12.7.0.1, or 12.8.0.1 and review admin accounts.
- Ivanti also patched four other high-severity EPMM flaws, while CISA has previously flagged multiple Ivanti issues as exploited in the wild.