VulnerabilitySecurity Week
7.2 — HIGH
Ivanti Patches EPMM Zero-Day Exploited in Targeted Attacks
CVE-2026-6973 is a high-severity vulnerability that allows an attacker who has admin privileges to execute arbitrary code. The post Ivanti Patches EPMM Zero-Day Exploited in Targeted Attacks appeared first on SecurityWeek.
🤖 AI BriefingAuto-generated threat analysis
🔍Threat Overview
A high-severity zero-day vulnerability in Ivanti EPMM was exploited in targeted attacks, allowing attackers with administrative access to execute arbitrary code remotely.
⚙️Technical Details
CVEs
CVE-2026-6973Affected Systems: Ivanti Endpoint Manager MobileAttack Vectors: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Affected Systems
Ivanti Endpoint Manager Mobile
Attack Vectors
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
💥Impact Assessment
Severity: High
Who Is at Risk
Administrators with administrative access to Ivanti Endpoint Manager Mobile
🛡️Recommended Actions
1Apply the latest patch for Ivanti EPMM from the official Ivanti website
2Restrict administrative privileges and monitor system logs for suspicious activity
3Implement additional security controls, such as network segmentation and intrusion detection
📦Affected Products
Ivanti Endpoint Manager Mobile
🔐NVD Verified DataVERIFIED
CVE-2026-6973 ↗CVSS 7.2 — HIGH
Attack Vector
NETWORK
Complexity
LOW
Vector String
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HWeaknesses
CWE-20
Affected Products (CPE)
Ivanti Endpoint Manager Mobile
Read the full article
This is a curated summary. The complete article is available at Security Week.