
Ivanti EPMM EUVD-2026-28394

CVE-2026-5787 HIGH
Improper Certificate Validation (CWE-295)
2026-05-07 3c1d8aa1-5a33-4ea4-8992-aadd6440af75 GHSA-68p7-5fp8-cwwg
CVSS 3.1: 8.9

CVSS Vector (NVD)

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:L

Attack Vector: Network
Attack Complexity: High
Privileges Required: None
User Interaction: None
Scope: Changed
Confidentiality: High
Integrity: High
Availability: Low

Lifecycle Timeline

Analysis Generated: May 07, 2026 - 16:30 (vuln.today)
CVE Published: May 07, 2026 - 16:16 (nvd), HIGH 8.9

Description (NVD)

An Improper Certificate Validation in Ivanti EPMM before versions 12.6.1.1, 12.7.0.1, and 12.8.0.1 allows a remote unauthenticated attacker to impersonate registered Sentry hosts and obtain valid CA-signed client certificates.

Analysis (AI)

Certificate validation bypass in Ivanti Endpoint Manager Mobile (EPMM) allows remote unauthenticated attackers to impersonate registered Sentry hosts and fraudulently obtain CA-signed client certificates. Affects all versions before 12.6.1.1, 12.7.0.1, and 12.8.0.1. …


Remediation (AI)

Within 24 hours: Inventory all EPMM deployments and document current versions; disable external access to EPMM management interfaces where possible and restrict network access via firewall rules to administrative networks only. Within 7 days: Contact Ivanti support to confirm patch availability and timeline for your specific EPMM version (12.6.x, 12.7.x, or 12.8.x); apply security updates for versions 12.6.1.1, 12.7.0.1, or 12.8.0.1 if released. …
