【Vulnerability Alert】Two Critical Security Vulnerabilities Have Been Identified in Ivanti Endpoint Manager Mobile (EPMM)
publish date :
2026-02-06
update date :
2026-02-06
Source: Ministry of education information & communication security contingency platform
"" "" ""
| Publication Number | TACERT-ANA-2026020208021212 | Publication Time | 2026/02/02 08:51 |
| Incident Type | ANA-Vulnerability Alert | Discovery Time | 2026/02/02 08:51 |
| Impact Level | Low | ||
| [Subject] 【Vulnerability Alert】Two Critical Security Vulnerabilities Have Been Identified in Ivanti Endpoint Manager Mobile (EPMM) |
|||
| [Content] Forwarded from TWCERTCC-200-202601-00000028 Ivanti Endpoint Manager Mobile (EPMM) is a mobile device management solution that enables centralized management of iOS, Android, macOS, and Windows devices. Recently, security updates were released to address two critical security vulnerabilities (CVE-2026-1281 and CVE-2026-1340, both with CVSS: 9.8). Both vulnerabilities are code injection vulnerabilities that allow unauthenticated attackers to execute remote code. (Information Sharing Level: WHITE (Information content can be publicly disclosed) |
|||
|
[Affected Platform] Ivanti Endpoint Manager Mobile versions 12.5.1.0 and earlier Ivanti Endpoint Manager Mobile versions 12.6.0.0 and earlier Ivanti Endpoint Manager Mobile versions 12.6.1.0 and earlier Ivanti Endpoint Manager Mobile versions 12.7.0.0 and earlier |
|||
| [Recommended Actions] Apply the remediation measures in accordance with the solution released on the official website: https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Endpoint-Manager-Mobile-EPMM-CVE-2026-1281-CVE-2026-1340?language=en_US |
|||
| [Reference] |
|||
(This notification is for informational purposes only and does not constitute a cybersecurity incident).
If you have questions or suggestions regarding this notification, please feel free to contact us.
Ministry of education information & communication security contingency platform
Website: https://info.cert.tanet.edu.tw/
Phone: +886-7-5250211
Internet Phone: 98400000
E-Mail: service@cert.tanet.edu.tw
If you have questions or suggestions regarding this notification, please feel free to contact us.
Ministry of education information & communication security contingency platform
Website: https://info.cert.tanet.edu.tw/
Phone: +886-7-5250211
Internet Phone: 98400000
E-Mail: service@cert.tanet.edu.tw
Organizer:
Computer Center