CISA: Recently Patched Ivanti EPM Flaw Now Actively Exploited

CISA: Recently patched Ivanti EPM flaw now actively exploited

CISA flagged a high-severity Ivanti Endpoint Manager (EPM) vulnerability as actively exploited in attacks and ordered U.S. federal agencies to patch systems within three weeks.

CISA Alerts on Ivanti Endpoint Manager Vulnerability Auth Bypass Exploited in the Wild

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a newly disclosed security vulnerability affecting Ivanti Endpoint Manager (EPM) to its Known Exploited Vulnerabilities (KEV) Catalog, warning that the issue is being actively exploited in the wild. The vulnerability, tracked as CVE-2026-1603, allows attackers to bypass authentication protections and potentially access sensitive credential data […] The post CISA Alerts on…

Recently patched Ivanti EPM flaw now actively exploited - Cybernoz - Cybersecurity News

CISA flagged a high-severity Ivanti Endpoint Manager (EPM) vulnerability as actively exploited in attacks and ordered U.S. federal agencies to patch systems within three weeks. Ivanti’s EPM software is an all-in-one endpoint management solution for managing client devices across Windows, macOS, Linux, Chrome OS, and IoT platforms. Tracked as CVE-2026-1603, this security flaw can be exploited by remote threat actors without privileges to bypass a…

CISA Adds Three Known Exploited Vulnerabilities to Catalog

CISA Adds Three Known Exploited Vulnerabilities to Catalog ggaylor Mar 09, 2026 Release DateMarch 09, 2026 DescriptionCISA has added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.CVE-2021-22054 Omnissa Workspace ONE Server-Side Request ForgeryCVE-2025-26399 SolarWinds Web Help Desk Deserialization of Untrusted Data VulnerabilityCVE-2026-1603 Ivanti Endpoint Manager (EPM…