Ivanti EPMM CVE-2026-6973 RCE Under Active Exploitation Grants Admin-Level Access

Key Points:

• CVE-2026-6973 is a high-severity vulnerability in Ivanti's Endpoint Manager Mobile (EPMM) that allows remote code execution (RCE) for authenticated users with administrative access.
• The vulnerability affects EPMM versions prior to 12.6.1.1, 12.7.0.1, and 12.8.0.1, with limited exploitation reported; however, successful exploitation requires admin credentials.
• It is recommended that organizations immediately apply the latest patches provided by Ivanti and ensure credential rotation to mitigate risks associated with this vulnerability.

Technical Details: CVE-2026-6973 has a CVSS score of 7.2 and stems from improper input validation, allowing an authenticated user to execute arbitrary code on the affected system.

MITRE ATT&CK Techniques: None mentioned

IOCs Mentioned: None mentioned