A high-severity improper input validation flaw (CVE-2026-6973, CVSS 7.2) in Ivanti EPMM allows authenticated remote attackers with administrative privileges to execute arbitrary code. The vulnerability is being exploited as a zero-day in the wild. Affected versions are Ivanti Endpoint Manager Mobile prior to 12.6.1.1, as well as versions 12.7.0.0 and 12.8.0.0; Ivanti has released a fix in version 12.6.1.1.
Ivanti has released fixes for 5 high-severity vulnerabilities in its Endpoint Manager Mobile (EPMM) solution, one of which (CVE-2026-6973) has been exploited as a zero-day by attackers. “We are aware of a very limited number of customers exploited with CVE-2026-6973,” the company said in a security advisory published on Thursday.

About CVE-2026-6973

CVE-2026-6973 is caused by improper input validation and allows remote attackers with administrative privileges to execute arbitrary code on vulnerable instances. “If customers …

The post Ivanti EPMM vulnerability exploited in zero-day attacks (CVE-2026-6973) appeared first on Help Net Security.