Critical Zero-Day Vulnerabilities in Ivanti EPMM Actively Exploited – Immediate Patching Urged


Thursday, February 5, 2026

Cybersecurity experts have issued a warning about two newly identified critical vulnerabilities (CVE-2026-1281 and CVE-2026-1340) in Ivanti Endpoint Manager Mobile (EPMM), a platform widely used by large organizations to manage employee mobile devices. These flaws carry a severity score of 9.8 out of 10 because they allow remote code execution without authentication: an attacker can run malicious commands and take full control of an affected system remotely. Evidence indicates that these vulnerabilities are already being exploited in real-world attacks.

According to an investigation by researchers at watchTowr, the root cause is improper handling of Bash scripts within the internal app delivery and Android file transfer functions, which lets threat actors trick the system into executing unauthorized code. Although Ivanti has released an emergency patch, it is considered a temporary mitigation and may be overwritten by future software updates. A permanent fix is expected to be available in the first quarter of 2026.

Experts emphasize that the vulnerabilities affect only on-premises deployments running version 12.7.0.0 or earlier. Organizations that have exposed these systems directly to the internet should assume a potential compromise, as attackers often remove traces of intrusion immediately after gaining access. Administrators are strongly advised to apply the emergency patch without delay, conduct retrospective compromise assessments, and consider rebuilding affected systems if suspicious activity is detected.

Source: https://hackread.com/ivanti-urgent-fix-critical-zero-day-vulnerabilities/