BTC $71,807
2026 Bull Run Is Building Start trading with 5% OFF all fees
Sign Up Now
BTC $71,807
Bull Run 2026 | 5% Off Fees Open your Binance account today
Sign Up

Ivanti EPMM Zero-Day Exploited, CISA Issues Order

New Ivanti flaw exploited; CISA mandates patch alongside four other high-severity vulnerabilities.

  • A new, actively exploited flaw (CVE-2026-6973) in Ivanti Endpoint Manager Mobile allows authenticated admins remote code execution.
  • The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has mandated federal agencies to patch the vulnerability by May 10, 2026.
  • Ivanti patched four additional high-severity vulnerabilities in its on-premises EPMM product alongside the exploited bug.
  • Successful exploitation requires administrative access, but risk is reduced for customers who rotated credentials after previous incidents.

On May 07, 2026, Ivanti disclosed that a new high-severity security flaw in its Endpoint Manager Mobile (EPMM) software is being exploited in limited, targeted attacks. The vulnerability, tracked as CVE-2026-6973, enables remote code execution by attackers who have obtained administrative access to the system.

- Advertisement -

Consequently, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added this flaw to its Known Exploited Vulnerabilities catalog. Federal agencies are now required to apply the available patches by a specific deadline.

Ivanti said in an advisory, “We are aware of a very limited number of customers exploited with CVE-2026-6973.” However, the identity and ultimate objectives of the threat actors remain unknown at this time.

Meanwhile, the company also released fixes for four other critical vulnerabilities in the same product. These flaws include improper access control and certificate validation issues that could grant attackers administrative privileges or allow device impersonation.

The company said these issues only affect the on-premises EPMM product and not its cloud-based management solutions. Consequently, users of the on-premises software are urged to update to the patched versions immediately to mitigate risk.

- Advertisement -

✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.

Previous Articles:

- Advertisement -
Ad
Altseason Is Loading. Don't watch from the sidelines.
SOL $90.51
DOGE $0.0963
LINK $9.02
SUI $1.00
5% off fees when you sign up
Start Trading
Ad
Pay Less on Every Trade. For Life.
$10K/mo volume Save $60/yr
$50K/mo volume Save $300/yr
$100K/mo volume Save $600/yr
5% off all trading fees when you sign up
Claim Your Discount

Latest News

MoonPay’s MoonAgents AI assistant now on Telegram

MoonPay launched support for its AI crypto assistant, MoonAgents, on the Telegram messaging platform...

GoPro founder loans $20M to save sinking company

GoPro founder and CEO Nicholas Woodman is extending $20 million in financing to the...

Sony Bank gains US approval to launch dollar stablecoins

Sony Bank received preliminary approval from the OCC to establish a US trust bank...

RoguePlanet Microsoft Defender Flaw Patched After Month Delay

Microsoft patched a Defender privilege escalation flaw called RoguePlanet, tracked as CVE-2026-50656, nearly a...

AVAX Surges 5.6% After Grayscale Shoutout, Outperforms BTC

Avalanche (AVAX) surged 5.6% in the daily charts and 2.7% over 14 days, outperforming...

Must Read

How Cryptocurrency Works For Beginners?

Welcome to the world of cryptocurrency! If you're new to this exciting and rapidly evolving landscape, you might feel like Alice in Wonderland, exploring...
Ad
Altseason Is Loading. These 4 coins are trending right now.
SOL $92.12
DOGE $0.0950
LINK $9.02
SUI $1.02
5% off spot fees when you sign up
Start Trading