CVE-2026-4913: CWE-424: Improper Protection of Alternate Path in Ivanti Neurons for ITSM (On-Premise)
Improper protection of an alternate path in Ivanti N-ITSM before version 2025.4 allows a remote authenticated attacker to retain access when their account has been disabled.
AI Analysis
Technical Summary
This vulnerability (CVE-2026-4913) in Ivanti Neurons for ITSM (On-Premise) arises from improper protection of an alternate access path. Specifically, a remote attacker with valid authentication can continue to access the system after their user account has been disabled, due to failure in enforcing account disablement on this alternate path. The CVSS 3.1 base score is 5.7 (medium), reflecting network attack vector, low attack complexity, required privileges, and user interaction, with high confidentiality impact but no integrity or availability impact. The vulnerability affects versions before 2025.4, but no patch or official remediation guidance is currently available.
Potential Impact
An attacker with valid credentials can maintain unauthorized access to the Ivanti Neurons for ITSM system even after their account is disabled, potentially exposing sensitive information (high confidentiality impact). There is no impact on system integrity or availability. This could undermine access control policies and user deprovisioning processes.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is available, organizations should carefully monitor and audit user access, and consider additional compensating controls to detect and prevent unauthorized access via alternate paths. No official remediation level or patch has been published by Ivanti at this time.
CVE-2026-4913: CWE-424: Improper Protection of Alternate Path in Ivanti Neurons for ITSM (On-Premise)
Description
Improper protection of an alternate path in Ivanti N-ITSM before version 2025.4 allows a remote authenticated attacker to retain access when their account has been disabled.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This vulnerability (CVE-2026-4913) in Ivanti Neurons for ITSM (On-Premise) arises from improper protection of an alternate access path. Specifically, a remote attacker with valid authentication can continue to access the system after their user account has been disabled, due to failure in enforcing account disablement on this alternate path. The CVSS 3.1 base score is 5.7 (medium), reflecting network attack vector, low attack complexity, required privileges, and user interaction, with high confidentiality impact but no integrity or availability impact. The vulnerability affects versions before 2025.4, but no patch or official remediation guidance is currently available.
Potential Impact
An attacker with valid credentials can maintain unauthorized access to the Ivanti Neurons for ITSM system even after their account is disabled, potentially exposing sensitive information (high confidentiality impact). There is no impact on system integrity or availability. This could undermine access control policies and user deprovisioning processes.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is available, organizations should carefully monitor and audit user access, and consider additional compensating controls to detect and prevent unauthorized access via alternate paths. No official remediation level or patch has been published by Ivanti at this time.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- ivanti
- Date Reserved
- 2026-03-26T16:37:44.109Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 69de4ff282d89c981fa84c9e
Added to database: 4/14/2026, 2:32:18 PM
Last enriched: 4/14/2026, 2:47:17 PM
Last updated: 4/15/2026, 6:08:47 AM
Views: 11
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.