CERT-EU 2026-01-30

2026-001: Critical vulnerabilities in Ivanti EPMM

Machine-generated analysis · WAYSCloud LLM

One of the vulnerabilities has been exploited in a limited number of cases. The advisory addresses two critical vulnerabilities enabling unauthenticated remote code execution.

Context

Ivanti EPMM is an enterprise mobility management product. The advisory states that an attacker could exploit these flaws to achieve unauthenticated remote code execution on the vulnerable device. The advisory notes that one of these vulnerabilities has been exploited in a limited number of cases.

Operator considerations

Check: Inventory all Ivanti EPMM instances for exposure
Patch: Apply updates as specified in the Ivanti security advisory
Log: Monitor for unauthenticated access attempts and unexpected processes

From Computer Emergency Response Team for the EU institutions ↗

On 29 January 2026, Ivanti released a security advisory addressing two critical vulnerabilities in their EPMM products. An attacker could exploit those flaws to achieve unauthenticated remote code execution on the vulnerable device. One of these vulnerabilities have been exploited in a limited number of cases.

Read the full advisory on CERT-EU →