Ivanti EPMM CVE-2026-6973 RCE Under Active Exploitation Grants Admin-Level Access

Ivanti has issued a warning about CVE-2026-6973, a high-severity remote code execution vulnerability in Endpoint Manager Mobile (EPMM) that is being actively exploited in limited attacks. The flaw, caused by improper input validation, allows authenticated users with administrative access to execute remote code on affected systems running EPMM versions prior to 12.6.1.1, 12.7.0.1, and 12.8.0.1.

Ivanti is warning that a new security flaw impacting Endpoint Manager Mobile (EPMM) has been explored in limited attacks in the wild. The high-severity vulnerability, CVE-2026-6973 (CVSS score: 7.2), is a case of improper input validation affecting EPMM before versions 12.6.1.1, 12.7.0.1, and 12.8.0.1. It allows "a remotely authenticated user with administrative access to achieve remote code

Originally published at thehackernews.com

#Cybersecurity #Endpoint-Security #Malware #Mobile-Device-Management #Vulnerabilities #Vulnerability Management #Zero-Day-Exploit

Ivanti EPMM CVE-2026-6973 RCE Under Active Exploitation Grants Admin-Level Access

Talk to an architect about applying this to your stack.

More from the journal

PCPJack Credential Stealer Exploits 5 CVEs to Spread Worm-Like Across Cloud Systems

Anti-DDoS Firm Heaped Attacks on Brazilian ISPs

Attacks Abuse Windows Phone Link to Steal Texts & Bypass 2FA

Ivanti EPMM CVE-2026-6973 RCE Under Active Exploitation Grants Admin-Level Access

Talk to an architect about applying this to your stack.

More from the journal

PCPJack Credential Stealer Exploits 5 CVEs to Spread Worm-Like Across Cloud Systems

Anti-DDoS Firm Heaped Attacks on Brazilian ISPs

Attacks Abuse Windows Phone Link to Steal Texts &amp; Bypass 2FA

Attacks Abuse Windows Phone Link to Steal Texts & Bypass 2FA