Ivanti
Coverage of Ivanti in the Nexus archive.
- CISA orders feds to patch actively exploited Ivanti flaw by Sunday
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered federal agencies to patch an actively exploited Ivanti Sentry flaw within three days as mandated by the newly issued Binding Operational Directive (BOD) 26-04.
- Ivanti: Max severity Sentry flaw allows code execution as root
Ivanti has patched two critical vulnerabilities in its Sentry secure mobile gateway solution, including a maximum-severity flaw that enables remote attackers to execute code with root privileges.
- Ivanti, Fortinet, SAP, VMware, n8n Patch RCE, SQL Injection, Privilege Escalation Flaws
Ivanti, Fortinet, n8n, SAP, and VMware have released security fixes for various vulnerabilities that could be exploited by bad actors to bypass authentication and execute arbitrary code. A critical flaw impacting Ivanti Xtraction could be exploited to achieve information disclosure or client-side attacks. The vulnerabilities affect multiple products from these companies.
- Ivanti customers confront yet another actively exploited zero-day
Ivanti customers are being targeted by attackers exploiting a zero-day vulnerability in Ivanti Endpoint Manager Mobile, with limited exploitation reported. The company has released patches for five high-severity vulnerabilities, including the zero-day defect. Ivanti warned customers of the threat and suggested rotating credentials to reduce risk.
- Ivanti EPMM CVE-2026-6973 RCE Under Active Exploitation Grants Admin-Level Access
Ivanti's Endpoint Manager Mobile has a high-severity vulnerability, CVE-2026-6973, that allows remote code execution with admin-level access. The flaw affects versions before 12.6.1.1, 12.7.0.1, and 12.8.0.1. It is being exploited in limited attacks.
- Ivanti warns of new EPMM flaw exploited in zero-day attacks
Ivanti has warned customers about a high-severity remote code execution vulnerability in Endpoint Manager Mobile exploited in zero-day attacks. The company is urging customers to patch the flaw as soon as possible. The vulnerability is being actively exploited by attackers.
- Network ‘background noise’ may predict the next big edge-device vulnerability
Research by GreyNoise indicates that spikes in network traffic targeting edge devices can predict upcoming vulnerability disclosures, often up to nine days before public alerts. The study found that 50% of detected activity surges led to vendor disclosures within three weeks, highlighting coordinated attacker behavior against security appliances.