Security Advisory Ivanti Neurons for ITSM (CVE-2026-9614)

Ivanti has released updates for Ivanti Neurons for ITSM which addresses one high severity vulnerability. Successful exploitation could lead to authenticated privilege escalation to an administrator. We are not aware of any customers being exploited by this vulnerability at the time of disclosure...

May 2026 Security Advisory Ivanti Virtual Traffic Manager (vTM) (CVE-2026-8051)

Summary Ivanti has released updates for Ivanti Virtual Traffic Manager which addresses one High severity vulnerability. Successful exploitation could lead to admin authenticated remote code execution. We are not aware of any customers being exploited by this vulnerability at the time of disclosur...

May 2026 Security Advisory Ivanti Secure Access Client (CVE-2026-7431, CVE-2026-7432)

Update 22 May: CVE-2026-8992 has been added to Vulnerability Details Summary Ivanti has released updates for the Ivanti Secure Access Client which addresses one medium severity vulnerability and two High severity vulnerabilities. We are not aware of any customers being exploited by these...

Security Advisory - Ivanti Xtraction (CVE-2026-8043)

Summary Ivanti has released an update for Ivanti Xtraction which addresses one Critical severity vulnerability. Successful exploitation could lead to sensitive information disclosure and client-side attacks. We are not aware of any customers being exploited by this vulnerability at the time of...

Security Advisory Ivanti Endpoint Manager (EPM) May 2026

Security Advisory Ivanti Endpoint Manager EPM CVE-2026-8109, CVE-2026-8110, CVE-2026-811 Summary Ivanti has released updates for Ivanti Endpoint Manager which addresses one Medium severity and two High severity vulnerabilities. Successful exploitation could lead to information disclosure, privile...

May 2026 Security Advisory Ivanti Endpoint Manager Mobile (EPMM) (Multiple CVEs)

Summary Ivanti has released updates for Ivanti Endpoint Manager Mobile EPMM which addresses five high severity vulnerabilities. We are aware of a very limited number of customers exploited with CVE-2026-6973. Successful exploitation requires Admin authentication. If customers followed Ivanti’s...

Using Vulnerable Libssh Version < 0.12 in Sentry

Last Modified Date Apr 20, 2026 4:13:44 AM...

Security Advisory Ivanti Neurons for ITSM (CVE-2026-4913, CVE-2026-4914)

Ivanti has released updates for Ivanti Neurons for ITSM which addresses two medium severity vulnerabilities We are not aware of any customers being exploited by these vulnerabilities at the time of disclosure. Vulnerability Details: CVE Number | Description | CVSS Score Severity | CVSS Vector | C...

Security Advisory Ivanti DSM (CVE-2026-3483)

Security Advisory Ivanti DSM CVE-2026-3483 Summary Ivanti has released an update for Ivanti Desktop and Server Management DSM which addresses one high severity vulnerability. Successful exploitation could allow an attacker to elevate their local privileges. We are not aware of any customers being...

Security Advisory EPM February 2026 for EPM 2024

Update 18 Feb: Added FAQ on patching Agents. Summary Ivanti has released updates for Ivanti Endpoint Manager which addresses one high severity vulnerability and one medium severity vulnerability. Successful exploitation could allow a remote authenticated attacker to leak arbitrary data or...

Security Advisory Ivanti Endpoint Manager Mobile (EPMM) (CVE-2026-1281 & CVE-2026-1340)

Update 29 Jan: Step by Step RPM Install KB included Update 4 Feb: Fixed in Security Update: 0S-4 and 0L-4 included Update: 6 Feb: RPM detection script available to help customers assess potential impact. Technical Analysis updated with reliable Indicators of Compromise IoC’s. Both in partnership...

Urgent Reminder to Update Edge Appliances During Peak Holiday Time-off

Customer Alert: Proactive Defense Against Threat Actor Campaigns Targeting Unpatched Network Security Solutions As the holiday season approaches, we are urging all Ivanti customers to ensure that all their network security solutions are updated to their latest versions, regardless of vendor. We...

Impact of CVE-2025-66516 On Ivanti EPMM

Last Modified Date Apr 21, 2026 7:10:37 AM...

Security Advisory EPM December 2025 for EPM 2024

Summary: Ivanti has released an update for Ivanti Endpoint Manager EPM which addresses three high severity vulnerabilities and one critical severity vulnerability in the EPM core and remote consoles. We are not aware of any customers being exploited by these vulnerabilities at the time of...

Security Advisory EPM November 2025 for EPM 2024

Summary Ivanti has released updates for Ivanti Endpoint Manager which addresses three high vulnerabilities. Successful exploitation could allow a local authenticated attacker to write arbitrary files anywhere on disk. Two of the resolved vulnerabilities, CVE-2025-9713 and CVE-2025-11622, were...

Impact Of CVE-2025-55752 And CVE-2025-55754 On EPMM, Sentry, Connector

Last Modified Date Oct 31, 2025 3:15:00 PM...

Security Advisory Endpoint Manager Mobile (EPMM) 10/2025 (Multiple CVEs)

Security Advisory Endpoint Manager Mobile EPMM Multiple CVEs Summary Ivanti has released updates for EPMM which addresses one medium and three high severity vulnerabilities. Successful exploitation requires authentication and could lead to remote code execution. We are not aware of any customers...

October 2025 Security Advisory Ivanti Neurons for MDM

Summary Ivanti has released updates for Ivanti Neurons for MDM which addresses one medium and two high severity vulnerabilities. We are not aware of any customers being exploited by these vulnerabilities at the time of disclosure. Vulnerability Details Description | CVSS Score Severity | CVSS...

Security Advisory Ivanti Endpoint Manager (EPM) October 2025

Security Advisory Ivanti Endpoint Manager EPM October 2025 Multiple CVEs Summary Update Nov. 11, 2025: A fix has been released for CVE-2025-11622 and CVE-2025-9713. To resolve these vulnerabilities customers should update to EPM 2024 SU4. Update Feb. 10, 2026: A fix to resolve the remaining CVE's...

September Security Advisory Ivanti Connect Secure, Policy Secure, ZTA Gateways and Neurons for Secure Access (Multiple CVEs)

Update 10 Sept Ivanti Policy Secure: Affected and Resolved in Versions updated Summary Ivanti has released updates for Ivanti Connect Secure, Policy Secure, ZTA Gateways and Neurons for Secure Access which addresses six medium and five high vulnerabilities. We are not aware of any customers being...

Security Advisory September 2025 for Ivanti EPM 2024 SU3 and EPM 2022 SU8

Security Advisory Ivanti Endpoint Manager CVE-2025-9712, CVE-2025-9872 Summary Ivanti has released updates for Ivanti Endpoint Manager EPM which addresses high severity vulnerabilities. We are not aware of any customers being exploited by these vulnerabilities at the time of disclosure...

August Security Advisory Ivanti Virtual Application Delivery Controller (vADC previously vTM) (CVE-2025-8310)

Summary Ivanti has released updates for Ivanti Virtual Application Delivery Controller vADC, previously Virtual Traffic Manager vTM, which addresses one medium severity vulnerability. Successful exploitation could lead to account takeover. We are not aware of any customers being exploited by this...

August Security Advisory Ivanti Connect Secure, Policy Secure & ZTA Gateways (Multiple CVEs)

Summary Ivanti has released updates for Ivanti Connect Secure which addresses medium, high, and critical vulnerabilities. We are not aware of any customers being exploited by these vulnerabilities at the time of disclosure. Vulnerability Details: CVE Number | Description | CVSS Score Severity |...

Security Advisory Ivanti Avalanche (CVE-2025-8296, CVE-2025-8297) 

Summary Ivanti has released updates for Ivanti Avalanche which addresses two high severity vulnerabilities. Successful exploitation could lead to authenticated remote code execution. We are not aware of any customers being exploited by these vulnerabilities at the time of disclosure. Vulnerabilit...

Security Advisory Ivanti Endpoint Manager Mobile (EPMM) (CVE-2025-6770, CVE-2025-6771)

Security Advisory Ivanti Endpoint Manager Mobile EPMM CVE-2025-6770, CVE-2025-6771 Summary Ivanti has released updates for Ivanti Endpoint Manager Mobile which addresses two high severity vulnerabilities. We are not aware of any customers being exploited by these vulnerabilities at the time of...

Security Advisory July 2025 for Ivanti EPM 2024 SU2 and EPM 2022 SU8

Security Advisory Ivanti EPM 2022 SU8 and EPM 2024 SU2 Multiple CVEs Summary Ivanti has released updates for Ivanti Endpoint Manager EPM which addresses three high severity vulnerabilities. The Security vulnerability affects the Core, Remote Consoles and Windows agents. We are not aware of any...

July Security Advisory Ivanti Connect Secure and Ivanti Policy Secure (Multiple CVEs)

Ivanti has released updates for Ivanti Connect Secure ICS and Ivanti Policy Secure IPS, which address medium severity vulnerabilities. We are not aware of any customers being exploited by these vulnerabilities at the time of disclosure. Vulnerability Details: CVE Number | Description | CVSS Score...

Impact Of CVE-2025-32462, CVE-2025-32463 On Ivanti EPMM and Sentry

Last Modified Date Oct 16, 2025 7:23:33 PM...

Security Advisory Ivanti Workspace Control (CVE-2025-5353, CVE- CVE-2025-22463, CVE-2025-22455)

Summary Ivanti has released updates for Ivanti Workspace Control which address three high severity vulnerabilities. Successful exploitation could lead to credential compromise. We are not aware of any customers being exploited by these vulnerabilities at the time of disclosure. Vulnerability...

Security Advisory Ivanti Endpoint Manager Mobile (EPMM) May 2025 (CVE-2025-4427 and CVE-2025-4428)

Ivanti has released updates for Endpoint Manager Mobile EPMM which addresses one medium and one high severity vulnerability. When chained together, successful exploitation could lead to unauthenticated remote code execution. We are aware of a very limited number of customers whose solution has be...

Security Advisory Ivanti Neurons for ITSM (On-Premises Only) (CVE-2025-22462)

Security Advisory Ivanti Neurons for ITSM on-premises only CVE-2025-22462 Summary Ivanti has released updates for Ivanti Neurons for ITSM on-prem only which addresses one critical severity vulnerability. Depending on system configuration, successful exploitation could allow an unauthenticated...

Security Advisory Ivanti Cloud Services Application (CVE-2025-22460)

Summary: Ivanti has released updates for Ivanti Cloud Services Application which addresses one high severity vulnerability. Successful exploitation could lead to local privilege escalation. We are not aware of any customers being exploited by this vulnerability at the time of disclosure...

Security Advisory May 2025 Ivanti Neurons for MDM (N-MDM)

Update 5 August, 2025: Added additional information on security issue fixed in R114. Summary Ivanti has released updates for Ivanti Neurons for MDM N-MDM which addresses two medium severity vulnerabilities. Successful exploitation could allow a remote unauthenticated attacker to edit or delete...

Security Advisory April 2025 for Ivanti EPM 2024 and EPM 2022 SU6

Security Advisory Ivanti EPM 2022 SU6 and EPM 2024 Multiple CVEs Summary Ivanti has released updates for Ivanti Endpoint Manager which addresses medium and high vulnerabilities. We are not aware of any customers being exploited by these vulnerabilities at the time of disclosure. Vulnerability...

April Security Advisory Ivanti Connect Secure, Policy Secure & ZTA Gateways (CVE-2025-22457)

This advisory has been updated to make it clear the vulnerability was fully patched in Ivanti Connect Secure released February 11, 2025. Update April 23, 2025: This advisory has been updated to reflect changes to the Ivanti Policy Secure Versioning and the affected release date. Update May 14,...

March Security Advisory Ivanti Secure Access Client (ISAC) (CVE-2025-22454)

Summary Ivanti has released updates for Ivanti Secure Access Client ISAC which addresses one high severity vulnerability. Successful exploitation could lead to privilege escalation. We are not aware of any customers being exploited by these vulnerabilities at the time of disclosure. Vulnerability...

Security Advisory March 2025 Ivanti Neurons for MDM (N-MDM)

Summary Ivanti has released updates for Ivanti Neurons for MDM N-MDM which addresses a medium severity vulnerability. We are not aware of any customers being exploited by this vulnerability at the time of disclosure. Vulnerability Details: Description| CVSS Score Severity| CVSS Vector| CWE...

Impact of CVE-2025-26465 and CVE-2025-26466 on EPMM, Sentry and Connector

Last Modified Date Apr 15, 2026 5:11:49 AM...

February Security Advisory Ivanti Connect Secure (ICS),Ivanti Policy Secure (IPS) and Ivanti Secure Access Client (ISAC) (Multiple CVEs)

Summary Ivanti has released updates for Ivanti Connect Secure ICS,Ivanti Policy Secure IPS and Ivanti Secure Access Client ISAC which addresses medium, high and critical severity vulnerabilities. We are not aware of any customers being exploited by these vulnerabilities at the time of disclosure...

N-MDM - Security Advisory Ivanti Neurons for MDM (N-MDM)

Summary Ivanti has released updates for Ivanti Neurons for MDM N-MDM which addresses a medium severity vulnerability. We are not aware of any customers being exploited by this vulnerability at the time of disclosure. Vulnerability Details: Description | CVSS Score Severity | CVSS Vector | CWE...

Security Advisory Ivanti Cloud Services Application (CSA) (CVE-2024-47908, CVE-2024-11771)

Summary Ivanti has released updates for Ivanti Cloud Services Application CSA which addresses critical and medium severity vulnerabilities. Successful exploitation of CVE-2024-47908 could allow a remote authenticated attacker to achieve remote code execution and CVE-2024-11771 could allow a remot...

Security Advisory - Ivanti Application Control Engine (CVE-2024-10630)

Summary Ivanti has released updates for Ivanti Application Control Engine which address a high severity vulnerability. Successful exploitation could lead to bypassing configured protections. We are not aware of any customers being exploited by this vulnerability at the time of disclosure...

Security Advisory EPM January 2025 for EPM 2024 and EPM 2022 SU6

Update Regarding Ivanti EPM Endpoint Manager Downloads As part of our ongoing efforts to enhance your experience and streamline our processes we have migrated the software downloads from the Ivanti Community to the Ivanti License System ILS. You will continue to use your current Ivanti Single...

Security Advisory Ivanti Avalanche 6.4.7 (Multiple CVEs)

Summary Ivanti has released updates for Ivanti Avalanche which addresses three high severity vulnerabilities. Successful exploitation of CVE-2024-13181 could allow a remote unauthenticated attacker to bypass authentication. CVE-2024-13180 could allow a remote unauthenticated attacker to leak...

Security Advisory Ivanti Connect Secure, Policy Secure & ZTA Gateways (CVE-2025-0282, CVE-2025-0283) 

Update: 21 Jan 2025 Patch Now Available for IPS & ZTA Gateways Summary: Ivanti has released an update that addresses one critical and one high vulnerability in Ivanti Connect Secure, Policy Secure and ZTA Gateways. Successful exploitation of CVE-2025-0282 could lead to unauthenticated remote code...

December 2024 Security Advisory Ivanti Performance Manager (CVE-2024-11597)

Summary Ivanti has released updates for Performance Manager which address one high severity vulnerability. Successful exploitation could lead to local privilege escalation. We are not aware of any customers being exploited by this vulnerability at the time of disclosure. Vulnerability Details: CV...

Security Advisory - Ivanti Security Controls (ISeC) (CVE-2024-10251)

Security Advisory Ivanti Security Controls iSec CVE-2024-10251 Summary Ivanti has released an update for the Ivanti Security Controls console which addresses one high severity vulnerability. Successful exploitation could lead to local privilege escalation. We are not aware of any customers being...

Security Advisory Ivanti Desktop and Server Management (DSM) (CVE-2024-7572)

Summary Ivanti has released updates for Ivanti Desktop and Server Management which addresses one high severity vulnerability. Successful exploitation could lead to local arbitrary file deletion. We are not aware of any customers being exploited by these vulnerabilities at the time of disclosure...

Security Advisory Ivanti Sentry (CVE-2024-8540)

Security Advisory Ivanti Sentry CVE-2024-8540 Summary Ivanti has released updates for Ivanti Sentry which addresses one high severity vulnerability. We are not aware of any customers being exploited by these vulnerabilities at the time of disclosure. Vulnerability Details: CVE Number | Descriptio...

December 2024 Security Advisory Ivanti Connect Secure (ICS) and Ivanti Policy Secure (IPS) (Multiple CVEs)

Ivanti has released updates for Ivanti Connect Secure and Ivanti Policy Secure which addresses high and critical severity vulnerabilities. We are not aware of any customers being exploited by these vulnerabilities at the time of disclosure. Vulnerability Details: Important: Unless the CVE...