Ivanti warns of two EPMM flaws exploited in zero-day attacks

Ivanti warns of two EPMM flaws exploited in zero-day attacks www.bleepingcomputer.com/news/secu… Ivanti has disclosed two critical vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM), tracked as CVE-2026-1281 and CVE-2026-1340, that have been exploited in zero-day attacks. Both are unauthenticated remote code execution flaws with a CVSS score of 9.8. Ivanti confirmed a limited number of customers were impacted at the time of disclosure. Successful exploitation could allow attackers to execute arbitrary code on vulnerable EPMM appliances and potentially access sensitive administrative, user and device data. Mitigations are available via RPM scripts: • RPM 12.x.0.x for EPMM 12.5.0.x, 12.6.0.x and 12.7.0.x • RPM 12.x.1.x for EPMM 12.5.1.0 and 12.6.1.0 Ivanti states the updates require no downtime and have no functional impact. Organizations should apply the mitigations immediately. CISA has added CVE-2026-1281 to its Known Exploited Vulnerabilities catalogue, reinforcing the urgency of remediation.