Ivanti Endpoint Manager Mobile
cpe:2.3:a:ivanti:endpoint_manager_mobile:*:*:*:*:*:*:*
- <= 12.8.0.0
A vulnerability exists in Ivanti Endpoint Manager Mobile (EPMM) versions prior to 12.6.1.1, 12.7.0.1, and 12.8.0.1, allowing remote unauthenticated attackers to impersonate registered Sentry hosts and obtain valid CA-signed client certificates. This issue arises from improper validation of certificates, enabling the exploitation of the trust relationship between the EPMM server and Sentry hosts.
Exploitation of this vulnerability allows for the unauthorized issuance of CA-signed client certificates, which could be used to impersonate Sentry hosts in communications with the EPMM server.
Users can update to Ivanti EPMM versions 12.6.1.1, 12.7.0.1, or 12.8.0.1, all of which are available through the Ivanti Download Portal. Customers should also review and rotate admin credentials if necessary.