claytonvantol.us
SESSION: secure TLS: 1.3 PID: 1337

clayton@site:~/news$ cat cve-2026-1603-ivanti-endpoint-manager-epm.log

CVE-2026-1603 — Ivanti Endpoint Manager (EPM) Authentication Bypass Vulnerability

2026-03-09 • CISA Known Exploited Vulnerability

[event] Ivanti Endpoint Manager (EPM) contains an authentication bypass using an alternate path or channel vulnerability that could allow a remote unauthenticated attacker to leak specific stored credential data.

> AFFECTED SOFTWARE

Field Value
Vendor Ivanti
Product Endpoint Manager (EPM)
CWE CWE-288
CVE ID CVE-2026-1603
Date Added 2026-03-09
Due Date 2026-03-23
Ransomware Campaign Unknown

> MITIGATION

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Due Date: 2026-03-23

> REFERENCES

← back to terminal

UPTIME: 1337d v2.0.1 privacy LAST LOGIN: 2026-05-30 20:36:07 UTC