Attackers Exploiting Zero-Day Vulnerability in Ivanti’s Mobile Endpoint Security Product
CybersecurityThreatsCybersecurity and Infrastructure Security Agency (CISA)Ivantiknown exploited vulnerabilities (KEV)network edge devicesVulnCheckzero-dayzero-day exploitzero-days
📌 Attackers are actively exploiting a zero-day vulnerability in Ivanti’s mobile endpoint security product, specifically targeting network edge devices to infiltrate victim networks. The flaw affects Ivanti Endpoint Manager Mobile (EPMM), though no CVE ID or specific technical details about the exploit were provided. This marks another instance of Ivanti customers facing known exploited vulnerabilities (KEV), as tracked by the Cybersecurity and Infrastructure Security Agency (CISA). The campaign highlights ongoing risks to widely used enterprise security tools, particularly in network edge environments. No victim organizations, attack timelines, or mitigation steps were disclosed in the report.