Actively Exploited in the Wild

This vulnerability is being actively exploited in the wild.

Primary

Context

Ivanti Endpoint Manager Authentication Bypass Vulnerability Allowing Credential Data Leakage

Vulnerability

Exploited

Patched

A vulnerability allowing authentication bypass has been identified in Ivanti Endpoint Manager (EPM) versions 2024 SU4 SR1 and prior. This vulnerability enables remote, unauthenticated attackers to leak specific stored credential data.

Impact

Exploitation of this vulnerability could lead to unauthorized access to sensitive credential information.

Remediation

Users can update to Ivanti Endpoint Manager 2024 SU5 to address this vulnerability. The update is available through the Ivanti License System (ILS).

Added: Feb 10, 2026, 4:23 PM

Updated: Mar 9, 2026, 8:28 PM

Vulnerability Rating

Custom Algorithm

spread

4.5

impact

2.5

exploitability

8.7

remediation

7.7

relevance

3.0

threat

9.1

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

4.5

impact

2.5

exploitability

8.7

remediation

7.7

relevance

3.0

threat

9.1

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Actively Exploited in the Wild

Ivanti Endpoint Manager Authentication Bypass Vulnerability Allowing Credential Data Leakage

Vulnerability

Impact

Remediation

Affected Products

Ivanti Endpoint Manager

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating