Ivanti Endpoint Manager Mobile: Mehrere Schwachstellen ermöglichen Ausführen von beliebigem Programmcode
Multiple vulnerabilities in Ivanti Endpoint Manager Mobile, a mobile device management software, allow execution of arbitrary code. The affected versions are all versions prior to 12. 8. 0. 3. No CVSS score is available for these vulnerabilities. There are no known exploits in the wild at this time. The vendor has not provided explicit patch or remediation details in the available data.
AI Analysis
Technical Summary
Ivanti Endpoint Manager Mobile contains multiple security vulnerabilities that enable an attacker to execute arbitrary code on affected systems. These vulnerabilities affect versions earlier than 12.8.0.3. The advisory is published by the Bundesamt für Sicherheit in der Informationstechnik and references two CVEs: CVE-2026-10727 and CVE-2026-6973. No detailed technical exploitation or impact scenarios are provided, nor is there information about patch availability or mitigation from the vendor.
Potential Impact
Successful exploitation could allow an attacker to run arbitrary code on devices managed by Ivanti Endpoint Manager Mobile versions prior to 12.8.0.3. This could lead to unauthorized control or compromise of managed mobile devices. No known active exploitation has been reported.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory (WID-SEC-W-2026-1840) for current remediation guidance. Until official fixes are available, organizations should monitor vendor communications for updates and consider limiting exposure of affected systems.
Ivanti Endpoint Manager Mobile: Mehrere Schwachstellen ermöglichen Ausführen von beliebigem Programmcode
Description
Multiple vulnerabilities in Ivanti Endpoint Manager Mobile, a mobile device management software, allow execution of arbitrary code. The affected versions are all versions prior to 12. 8. 0. 3. No CVSS score is available for these vulnerabilities. There are no known exploits in the wild at this time. The vendor has not provided explicit patch or remediation details in the available data.
Affected software
pkg:github/ivanti/endpoint-manager-mobileAI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
Ivanti Endpoint Manager Mobile contains multiple security vulnerabilities that enable an attacker to execute arbitrary code on affected systems. These vulnerabilities affect versions earlier than 12.8.0.3. The advisory is published by the Bundesamt für Sicherheit in der Informationstechnik and references two CVEs: CVE-2026-10727 and CVE-2026-6973. No detailed technical exploitation or impact scenarios are provided, nor is there information about patch availability or mitigation from the vendor.
Potential Impact
Successful exploitation could allow an attacker to run arbitrary code on devices managed by Ivanti Endpoint Manager Mobile versions prior to 12.8.0.3. This could lead to unauthorized control or compromise of managed mobile devices. No known active exploitation has been reported.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory (WID-SEC-W-2026-1840) for current remediation guidance. Until official fixes are available, organizations should monitor vendor communications for updates and consider limiting exposure of affected systems.
Technical Details
- Gcve Source
- db.gcve.eu
- Csaf Category
- csaf_base
- Csaf Version
- 2.0
- Publisher
- Bundesamt für Sicherheit in der Informationstechnik
- Advisory Id
- WID-SEC-W-2026-1840
- Cve Count
- 2
- Additional Cves
- ["CVE-2026-6973"]
- Cvss Version
- null
Threat ID: 6a294ee78dd33fbd853c5aca
Added to database: 6/10/2026, 11:47:51 AM
Last enriched: 6/10/2026, 12:08:12 PM
Last updated: 6/10/2026, 2:33:00 PM
Views: 4
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.