wid-sec-w-2026-1840 · Published 2026-06-09 · View on BSI CERT-Bund ↗

Ivanti Endpoint Manager Mobile: Multiple Vulnerabilities allow Ausführen from beliebigem Programmcode

CVSS N/A NONE CISA KEV — Known Exploited

Risk Summary

Ein entfernter, authentisierter Angreifer kann mehrere Schwachstellen in Ivanti Endpoint Manager Mobile ausnutzen, um beliebigen Programmcode mit Administratorrechten auszuführen.

CVEs (2)

CVE-2026-10727 CVE-2026-6973

Affected Vendors

Ivanti

Affected Products (6)

Ivanti · Endpoint Manager Mobile <12.8.0.3

Ivanti · Endpoint Manager Mobile 12.8.0.3

Ivanti · Endpoint Manager Mobile <12.9.0.1

Ivanti · Endpoint Manager Mobile 12.9.0.1

Ivanti · Endpoint Manager Mobile <12.7.0.2

Ivanti · Endpoint Manager Mobile 12.7.0.2

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more