Ivanti Warns of Actively Exploited Vulnerability in Endpoint Manager Mobile

Ivanti has issued a warning about CVE-2026-6973, a high-severity vulnerability with a CVSS score of 7.2 affecting Endpoint Manager Mobile (EPMM) that is currently under active exploitation in limited attacks. The flaw is an improper input validation issue impacting EPMM versions prior to 12.6.1.1, 12.7.0.1, and 12.8.0.1. The vulnerability allows a remotely authenticated user with administrative access to achieve remote code execution on affected systems.