6 matches found
Ivanti Endpoint Manager - Authentication Bypass
Ivanti Endpoint Manager 2024 SU5 contains an authentication bypass caused by improper access control, letting remote unauthenticated attackers leak stored credential data, exploit requires no special privileges. id: CVE-2026-1603 info: name: Ivanti Endpoint Manager - Authentication Bypass author:...
CVE-2026-1603
An authentication bypass in Ivanti Endpoint Manager before version 2024 SU5 allows a remote unauthenticated attacker to leak specific stored credential data...
CVE-2026-1603
An authentication bypass in Ivanti Endpoint Manager before version 2024 SU5 allows a remote unauthenticated attacker to leak specific stored credential data...
CVE-2026-1603
An authentication bypass in Ivanti Endpoint Manager before version 2024 SU5 allows a remote unauthenticated attacker to leak specific stored credential data...
CVE-2026-1603
Summary (CVE-2026-1603): Ivanti Endpoint Manager (EPM) before version 2024 SU5 contains an authentication bypass that allows a remote unauthenticated attacker to leak specific stored credential data. This vulnerability arises from improper access control, enabling exposure of credentials without ...
Security Advisory EPM February 2026 for EPM 2024
Update 18 Feb: Added FAQ on patching Agents. Summary Ivanti has released updates for Ivanti Endpoint Manager which addresses one high severity vulnerability and one medium severity vulnerability. Successful exploitation could allow a remote authenticated attacker to leak arbitrary data or...