Ivanti Endpoint Manager unpatched RCE and privilege-escalation flaws deserialization flaw
Vulnerability
Summary
ZDI disclosed 13 unpatched flaws in Ivanti Endpoint Manager, including a local privilege-escalation bug and 12 RCE issues that can expose affected deployments to System/service-account/user-context code execution. The weaknesses affect AgentPortal and multiple report/query classes and methods, all tied to improper validation of user-supplied input/data. The most severe issue carries a CVSS 8.8 score, and Ivanti has not yet published a patch advisory. ZDI says the only salient mitigation is to restrict interaction with the product until fixes arrive.
Related Happenings
CISA emergency patch deadline for Ivanti EPMM
Public Sector Action
First: 08.05.2026 15:16
Last: 08.05.2026 15:16
Sources 1
About this happening:
CISA ordered **U.S. federal agencies** to patch **Ivanti EPMM** by **midnight Sunday, May 10** after adding **CVE-2026-6973** to its list of vulnerabilities exploited in attacks....
Ivanti EPMM zero-day remote code execution (CVE-2026-6973)
Vulnerability
First: 07.05.2026 18:20
Last: 07.05.2026 18:20
Sources 1
About this happening:
Ivanti's disclosure of **CVE-2026-6973** puts **Endpoint Manager Mobile (EPMM)** customers on alert for a **zero-day remote code execution** flaw that can let authenticated admins...
Latest development: 07.05.2026 20:55
The U.S. Cybersecurity and Infrastructure Security Agency added CVE-2026-6973 to its Known Exploited Vulnerabilities (KEV) catalog and required Federal Civilian Executive Branch agencies to apply the fixes by May 10, 2026.
CISA KEV listing and FCEB patch order for Ivanti EPMM
Public Sector Action
First: 08.04.2026 21:15
Last: 08.04.2026 21:15
Sources 1
About this happening:
**CISA** added **CVE-2026-1340** to the **KEV Catalog** and ordered **FCEB agencies** to patch **Ivanti Endpoint Manager Mobile (EPMM)** by **Saturday midnight, April 11**, forcin...
Ivanti Endpoint Manager (EPM) authentication bypass (CVE-2026-1603)
Vulnerability
First: 10.03.2026 13:36
Last: 10.03.2026 13:36
Sources 1
About this happening:
A **high-severity** flaw in **Ivanti Endpoint Manager (EPM)** is now **actively exploited**, putting **remote unauthenticated attackers** in position to **bypass authentication**...
Trend Micro Apex Central LoadLibraryEX RCE (CVE-2025-69258)
Vulnerability
First: 09.01.2026 12:40
Last: 09.01.2026 12:40
Sources 1
About this happening:
**CVE-2025-69258** in **Trend Micro Apex Central (on-premise)** lets an **unauthenticated remote attacker** trigger **SYSTEM-level remote code execution** on affected management c...
Timeline
10.10.2025 12:45 2 articles · 7mo ago
Ivanti Endpoint Manager unpatched RCE and privilege-escalation flaws deserialization flaw
Initial Disclosure: ZDI disclosed **13 unpatched Ivanti Endpoint Manager flaws** on **2025-10-10**, including a **local privilege-escalation** issue in **AgentPortal** and multiple **RCE** bugs. The issues were reported months earlier and remain without CVEs or vendor patches.
- ZDI Drops 13 Unpatched Ivanti Endpoint Manager Vulnerabilities — www.securityweek.com — 10.10.2025 12:45