THREAT OPS › Threat News › 2026-001: Critical vulnerabilities in Ivanti EPMM
2026-001: Critical vulnerabilities in Ivanti EPMM
On 29 January 2026, Ivanti released a security advisory addressing two critical vulnerabilities in their EPMM products. An attacker could exploit those flaws to achieve unauthenticated remote code execution on the vulnerable device. One of these vulnerabilities have been exploited in a limited number of cases.<br />
MITRE ATT&CK techniques
- VulnerabilitiesT1588.006
Original source: https://cert.europa.eu/publications/security-advisories/2026-001/