Free practical cybersecurity guidance for organisations without a security team.
hello@actionsoncyber.com
← Back to Vulnerability Briefs

Urgent Security Issue in Ivanti Endpoint Manager Mobile

09 May 2026

Reference: CVE-2026-6973

1. What is being reported?

Ivanti Endpoint Manager Mobile has a security weakness where improper checking of input allows someone with admin rights to run harmful code remotely. This means an attacker could potentially control the system without permission.

2. What this means in plain English

If your organisation uses this Ivanti product and an attacker gains admin access, they could take over your mobile management system, leading to loss of data, disruption of services, or further attacks.

3. Could this affect a small business?

Small organisations using Ivanti Endpoint Manager Mobile could be at risk, especially if they have admin users who access the system remotely.

4. What to do now

  • Check if your organisation uses Ivanti Endpoint Manager Mobile and identify the version in use.
  • Contact your IT provider or Ivanti support to confirm if you have the vulnerable versions before 12.6.1.1, 12.7.0.1, or 12.8.0.1.
  • Apply any security updates or mitigations provided by Ivanti immediately.
  • If no fix is available, consider discontinuing use of the product until it is secured.

5. Ask your IT provider

Can you confirm if our Ivanti Endpoint Manager Mobile system is affected by CVE-2026-6973 and what steps are being taken to protect us?

6. Bottom line

If you use Ivanti Endpoint Manager Mobile, act now to update or secure it to prevent attackers from taking control.

Information based on CISA KEV, NVD and multiple reputable security reports.

Back to Vulnerability Briefs