Brand ClaimErleben, was verbindet

Advisory 2026-0252 - Ivanti Endpoint Manager Mobile: Multiple Vulnerabilities allow code execution

Achtung: You can now also find information from the Vulnerability Advisory Service in the CTI portal!
The CTI portal is available at the following address: https://cti-portal.telekom.net/advisories/2026-0252
Notice: This advisory is by exception shown completely public. You will regularly receive details on vulnerability information as a customer via your login or through our daily advisory e-mail.
5
Attack probability
high
4
Potential damage
medium-high
remote anonymous attackerExploit available
Date
2026-01-30
Release
2026-01-30

Operating System

  • Sonstiges
  • UNIX
  • Windows

Software

  • Ivanti Endpoint Manager Mobile RPM < 12.x.0.x
  • Ivanti Endpoint Manager Mobile RPM < 12.x.1.x

Attack

A remote anonymous attacker can exploit multiple vulnerabilities in Ivanti Endpoint Manager Mobile in order to execute arbitrary code.

Description

Ivanti Endpoint Manager Mobile is a mobile management software to manage policies for mobile devices, applications, and content.

CVE-2026-1281, CVE-2026-1340

There are multiple vulnerabilities in Ivanti Endpoint Manager Mobile. A remote, anonymous attacker can exploit these vulnerabilities to perform code injection, which allows for the execution of arbitrary code.

CVSSv2 Base Score: 10.0 / Temporal Score: 8.7
AV:N/AC:L/AU:N/C:C/I:C/A:C/E:H/RL:OF/RC:ND
CVSSv3.1 Base Score: 9.8 / Temporal Score: 9.4
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H/RL:O/RC:X

According to Ivanti the vulnerability CVE-2026-1281 is already being actively exploited.

Recommendation

Ivanti provides updates. Please update your installation and see the vendor's advisory to find the proper version suitable for your environment.
https://www.ivanti.com/blog/january-2026-epmm-security-update

Information

January 2026 EPMM Security Update dated 2026-01-29
https://www.ivanti.com/blog/january-2026-epmm-security-update

Security Advisory Ivanti Endpoint Manager Mobile dated 2026-01-29
https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Endpoint-Manager-Mobile-EPMM-CVE-2026-1281-CVE-2026-1340

References

CVE:CVE-2026-1281
CVE:CVE-2026-1340
EUVD:EUVD-2026-4936
EUVD:EUVD-2026-4940
GITHUB:GHSA-WV3P-W5RJ-F5P6

Disclaimer

*The probability of an attack is determined by the attacker's motivation, the necessary expend and the possibilities for an attack. The damage probability is determined by the expend needed to resolute the attack and probable indirect consequences of an attack for business processes. Telekom Security assumes worst case scenarios.

Copyright © 1999-2026 Deutsche Telekom Security GmbH. All rights reserved. Reproduction and distribution of this publication in any form - even in parts - without prior written permission is forbidden.

The information contained herein has been obtained from sources believed to be reliable and trusted or have been verified. Telekom Security can take liability for completeness, accuracy and correctness only in so far, as gross negligence or intention create liability. Any liability beyond it, in particular possible damages resulting from using or non-usability of the information contained herein, is excluded.