Ivanti Endpoint Manager ROI SQL Injection Remote Code Execution Vulnerability

Ivanti Endpoint Manager contains a high-severity vulnerability (CVE-2026-1602, CVSS 7.2) that allows authenticated remote attackers to execute arbitrary code on affected systems. An attacker with valid credentials could gain unauthorized control over endpoint management infrastructure, potentially compromising multiple devices across an organization. Security teams should prioritize patching Ivanti Endpoint Manager installations and review access controls to limit exposure to authenticated users.