High severity7.2CISA KEVNVD Advisory· Published May 7, 2026· Updated Jun 11, 2026
CVE-2026-6973
CVE-2026-6973
Description
An Improper Input Validation in Ivanti EPMM before versions 12.6.1.1, 12.7.0.1, and 12.8.0.1 allows a remotely authenticated user with administrative access to achieve remote code execution.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4cpe:2.3:a:ivanti:endpoint_manager_mobile:*:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:ivanti:endpoint_manager_mobile:*:*:*:*:*:*:*:*range: <12.6.1.1
- cpe:2.3:a:ivanti:endpoint_manager_mobile:12.7.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ivanti:endpoint_manager_mobile:12.8.0.0:*:*:*:*:*:*:*
- (no CPE)range: <12.6.1.1 || >=12.7.0 <12.7.0.1 || >=12.8.0 <12.8.0.1
Patches
Vulnerability mechanics
References
2- hub.ivanti.com/s/article/May-2026-Security-Advisory-Ivanti-Endpoint-Manager-Mobile-EPMM-Multiple-CVEsnvdVendor Advisory
- www.cisa.gov/known-exploited-vulnerabilities-catalognvdUS Government Resource
News mentions
12- Ivanti Endpoint Manager Mobile Vulnerability Enables Remote Code Execution AttacksCyber Security News · Jun 11, 2026
- Critical Vulnerabilities Patched in Fortinet, Ivanti ProductsSecurityWeek · Jun 10, 2026
- 11th May – Threat Intelligence ReportCheck Point Research · May 11, 2026
- ⚡ Weekly Recap: Linux Rootkit, macOS Crypto Stealer, WebSocket Skimmers and MoreThe Hacker News · May 11, 2026
- Week in review: cPanel vulnerability actively exploited, DigiCert breach, LinkedIn job scamsHelp Net Security · May 10, 2026
- CISA gives feds four days to patch Ivanti flaw exploited as zero-dayBleepingComputer · May 8, 2026
- Ivanti EPMM vulnerability exploited in zero-day attacks (CVE-2026-6973)Help Net Security · May 8, 2026
- Ivanti Patches EPMM Zero-Day Exploited in Targeted AttacksSecurityWeek · May 8, 2026
- Ivanti EPMM CVE-2026-6973 RCE Under Active Exploitation Grants Admin-Level AccessThe Hacker News · May 7, 2026
- Ivanti CVE-2026-6973 Added to CISA KEV Under Active ExploitationVypr Intelligence · May 7, 2026
- Ivanti warns of new EPMM flaw exploited in zero-day attacksBleepingComputer · May 7, 2026
- CISA Adds One Known Exploited Vulnerability to CatalogCISA Alerts