Ivanti endpoint manager mobile
This hub aggregates every CVE we track for Ivanti endpoint manager mobile, a product in the security products space. Use it to gauge the current risk picture and drill into individual advisories.
16
CVEs tracked
6
Critical
7
High
8
In CISA KEV
Severity distribution
HIGH7CRITICAL6MEDIUM3
Monthly trend
0
4
0
0
0
0
0
0
0
0
2
0
2
0
0
0
0
0
2
0
0
0
1
0
2024-072026-06
Latest CVEs
The 15 most recently published vulnerabilities affecting Ivanti endpoint manager mobile.
- CVE-2026-6973An Improper Input Validation in Ivanti EPMM before versions 12.6.1.1, 12.7.0.1, and 12.8.0.1 allows a remotely authenticated user with administrative access to achieve remote code execution.KEV7.2
- CVE-2026-1340A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated remote code execution.KEV9.8
- CVE-2026-1281A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated remote code execution.KEV9.8
- CVE-2025-6771OS command injection in Ivanti Endpoint Manager7.2
- CVE-2025-6770OS command injection in Ivanti Endpoint Manager7.2
- CVE-2025-4428Remote Code ExecutionKEV7.2
- CVE-2025-4427Authentication BypassKEV5.3
- CVE-2024-36130An insufficient authorization vulnerability in web component of EPMM prior to 12.1.0.1 allows an unauthorized attacker within the network to execute arbitrary commands on the underlying operating s...9.8
- CVE-2024-34788An improper authentication vulnerability in web component of EPMM prior to 12.1.0.1 allows a remote malicious user to access potentially sensitive information6.5
- CVE-2024-36132Insufficient verification of authentication controls in EPMM prior to 12.1.0.1 allows a remote attacker to bypass authentication and access sensitive resources.7.5
- CVE-2024-36131An insecure deserialization vulnerability in web component of EPMM prior to 12.1.0.1 allows an authenticated remote attacker to execute arbitrary commands on the underlying operating system of the ...8.8
- CVE-2024-22026A local privilege escalation vulnerability in EPMM before 12.1.0.0 allows an authenticated local user to bypass shell restriction and execute arbitrary commands on the appliance.6.7
- CVE-2023-35082An authentication bypass vulnerability in Ivanti EPMM 11.10 and older, allows unauthorized users to access restricted functionality or resources of the application without proper authentication. Th...KEV9.8
- CVE-2023-35081A path traversal vulnerability in Ivanti EPMM versions (11.10.x < 11.10.0.3, 11.9.x < 11.9.1.2 and 11.8.x < 11.8.1.2) allows an authenticated administrator to write arbitrary files onto the applia...KEV7.2
- CVE-2023-35078An authentication bypass vulnerability in Ivanti EPMM allows unauthorized users to access restricted functionality or resources of the application without proper authentication.KEV9.8
Product normalization is registry-driven with AI assist and human review. How it works