CVE-2026-1603
Ivanti Endpoint Manager (EPM) Authentication Bypass Vulnerability
CVSS
—
Sin CVSS
EPSS
80.6%
p100
KEV
SÍ
9 mar 2026
Exploit Today
80
0-100
Publicado: — · Última mod.: —
Producto
Ivanti / Endpoint Manager (EPM)
Vulnerabilidad
Ivanti Endpoint Manager (EPM) Authentication Bypass Vulnerability
Añadido a KEV
9 mar 2026
Remediar antes de
23 mar 2026
Uso conocido en ransomware
No
Descripción resumida
Ivanti Endpoint Manager (EPM) contains an authentication bypass using an alternate path or channel vulnerability that could allow a remote unauthenticated attacker to leak specific stored credential data.
Acción requerida
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Notas
https://hub.ivanti.com/s/article/Security-Advisory-EPM-February-2026-for-EPM-2024?language=en_US ; https://nvd.nist.gov/vuln/detail/CVE-2026-1603
Sin CVEs relacionados por CWE o producto.