Cyber Security News | Technology

New 0-Day Vulnerability in Ivanti EPMM Actively Exploited in Attacks

Ivanti has issued a critical security advisory for its Endpoint Manager Mobile (EPMM) product and disclosed multiple actively exploited vulnerabilities, including CVE-2026-6973.

May 7, 2026 | Guru Baran | Live editorial team

Summary

Why this matters

  • Ivanti has issued a critical security advisory for its Endpoint Manager Mobile (EPMM) product, disclosing multiple actively exploited vulnerabilities, including CVE-2026-6973, and urging all on-premises EPMM customers to apply patches immediately.
  • At the time of disclosure, Ivanti confirmed active exploitation of CVE-2026-6973, a vulnerability that requires admin authentication to succeed.

The flaws exclusively affect the on-premises EPMM product and are not present in Ivanti Neurons for MDM (Ivanti’s cloud-based unified endpoint management solution), Ivanti EPM, Ivanti Sentry, or any other Ivanti products.

Exploitation activity has been described as “very limited” at the time of public disclosure, though the company strongly warned that advanced AI models have dramatically collapsed the time-to-exploit window from days to mere hours after a vulnerability becomes public.

In a notable shift in vulnerability management strategy, Ivanti disclosed that it has integrated multiple advanced large language model (LLM) AI systems into its product security and engineering red team processes. This integration has enhanced the capabilities of its internal security teams to identify and remediate vulnerabilities that traditional static analysis (SAST) and dynamic analysis (DAST) tools typically miss.


Ivanti acknowledged that some of the vulnerabilities being disclosed today were discovered directly through this AI-assisted process. The company maintains a “human in the loop” policy to verify all automated or agentic findings, ensuring responsible use of AI in its security program. Ivanti’s EPMM has been a recurring target for sophisticated threat actors.

CISA has flagged at least 31 Ivanti defects on its Known Exploited Vulnerabilities (KEV) catalog since late 2021, and at least 19 defects across Ivanti products have been exploited in the past two years alone. Previous zero-day campaigns against EPMM include CVE-2025-4427 and CVE-2025-4428 in May 2025, and CVE-2023-35078 and CVE-2023-35082 in 2023, with some attacks attributed to Chinese state-sponsored threat groups.


The consistent targeting of EPMM underscores the product’s high-value position in enterprise mobile device management infrastructure. The vulnerabilities disclosed in Ivanti’s May 2026 security advisory affect only on-premises EPMM deployments. Organizations running cloud-based Ivanti Neurons for MDM are not impacted.


Ivanti has published detailed remediation instructions through its official Security Advisory, with patch packages that the company says take only seconds to apply and cause no downtime.

Ivanti strongly urges all on-premises EPMM administrators to take immediate action:

  • Apply the available security patch to all EPMM on-premises instances without delay.
  • Monitor Apache access logs at /var/log/httpd/https-access_log for signs of attempted or successful exploitation.
  • Implement network segmentation to restrict EPMM administrative interfaces to trusted networks only.
  • Review and harden mobile device management policies to reduce the overall attack surface.
  • Subscribe to Ivanti’s Security Blog and Ivanti Innovators Hub for real-time vulnerability alerts.

Ivanti cautioned that as AI-driven tooling becomes further embedded in its security processes, customers should expect an increase in vulnerability disclosures, a transparency initiative the company frames as a proactive step toward more resilient products rather than a sign of weakening security posture.


Source profile

Source and editorial information

Source
Cyber Security News
Original title
New Ivanti EPMM 0-Day Vulnerability Actively Exploited in Attacks
Canonical
https://cybersecuritynews.com/ivanti-epmm-0-day-exploited/
Source URL
https://cybersecuritynews.com/ivanti-epmm-0-day-exploited/
