Ivanti Warns of High-Severity Vulnerability in EPMM Exploited in Zero-Day Attacks

Ivanti issued a warning to customers about a high-severity remote code execution vulnerability in its Endpoint Manager Mobile (EPMM) product, which has been exploited in zero-day attacks. The flaw was actively targeted before patches were available, though no specific CVE ID, technical details, or attack attribution were disclosed in the notice. The company urged immediate patching to mitigate the risk of unauthorized access or code execution on vulnerable systems. No exact date for the vulnerability’s discovery or exploitation was provided, but the advisory was released on the day of the announcement. The impact includes potential compromise of enterprise mobile device management infrastructure.