Recent Ivanti Endpoint Manager Flaw Exploited in Attacks
Summary
CISA has added a recently discovered, high-severity authentication bypass vulnerability in Ivanti Endpoint Manager to its Known Exploited Vulnerabilities (KEV) catalog. This indicates that the flaw is actively being exploited by threat actors.
IFF Assessment
FOE
The active exploitation of a critical vulnerability signifies that attackers are already leveraging this weakness, posing an immediate threat to organizations.
Severity
7.5
High
(AI Estimated)
Defender Context
This vulnerability allows for authentication bypass, meaning attackers can potentially gain unauthorized access to systems managed by Ivanti Endpoint Manager. Organizations using this product should prioritize patching or implementing workarounds immediately to prevent further compromise.