Skip to main content

Tag: cve 2026 6973

4 articles

Rows of equipment racks and patch panels in a brightly-lit server room or network closet.

CISA Mandates Patching of Ivanti Flaw Exploited in Zero-Day Attacks

The US Cybersecurity and Infrastructure Security Agency (CISA) is requiring immediate patching of a high-risk Ivanti flaw, CVE-2026-6973, that allows attackers with admin privileges to remotely execute code on vulnerable systems. This critical vulnerability affects Ivanti Endpoint Manager Mobile (EPMM) version 12.8.0.0 and earlier.

Analyst 207
Rows of equipment and racks in a brightly-lit server room with a single unoccupied laptop in the foreground.

Ivanti Discloses Actively Exploited Zero-Day in Endpoint Manager

Ivanti has confirmed that hackers are actively exploiting a zero-day vulnerability, CVE-2026-6973, in its Endpoint Manager Mobile (EPMM) software, allowing them to run code remotely with administrative privileges. The company has issued patches for this and four other EPMM flaws to protect its customers.

Analyst 207
Rows of computer servers with a focused server displaying a blank screen in a brightly-lit network operations center.

Ivanti EPMM Flaw Exploited, Grants Admin-Level Access

A critical flaw in Ivanti's Endpoint Manager Mobile (EPMM) has been exploited, allowing attackers to gain admin-level access - and the government is taking swift action to mitigate the threat. Federal agencies are now required to remediate the vulnerability, known as CVE-2026-6973, by May 10, 2026.

Analyst 207
IT staff members work at a computer terminal in a brightly-lit server room with a blurred monitoring screen in the…

Ivanti Discloses High-Severity EPMM Flaw Exploited in Zero-Day Attacks

Ivanti has disclosed a high-severity flaw in its Endpoint Manager Mobile (EPMM) product, which has been exploited in limited zero-day attacks requiring admin authentication. To protect against this vulnerability, customers are advised to patch to Ivanti EPMM versions 12.6.1.1, 12.7.0.1, or 12.8.0.1.

Analyst 207