The vendor has released a remediation update for the vulnerability. Please refer to the official advisory and perform the update accordingly. The URL is as follows:
https://hub.ivanti.com/s/article/Security-Advisory-EPM-February-2026-for-EPM-2024?language=en_US
【Vulnerability Alert】Ivanti Endpoint Manager contains a high-risk security vulnerability (CVE-2026-1603). Please verify and apply the necessary patches as soon as possible.
publish date :
2026-03-13
update date :
2026-03-13
Source: Ministry of education information & communication security contingency platform
"" "" ""
| Publication Number | TACERT-ANA-2026031201032525 | Publication Time | 2026/03/12 13:16 |
| Incident Type | ANA-Vulnerability Alert | Discovery Time | 2026/03/12 13:16 |
| Impact Level | Medium | ||
| [Subject] 【Vulnerability Alert】Ivanti Endpoint Manager contains a high-risk security vulnerability (CVE-2026-1603). Please verify and apply the necessary patches as soon as possible. |
|||
| [Content] Forwarded from the National Institute of Cyber Security NISAC-200-202603-00000007 Security researchers have discovered that Ivanti Endpoint Manager contains an Authentication Bypass vulnerability (CVE-2026-1603). An unauthenticated remote attacker can exploit this vulnerability to obtain specific authentication credentials. This vulnerability has already been exploited by attackers. Please verify your systems and apply the necessary patches as soon as possible. (Information Sharing Level: WHITE (Information content can be publicly disclosed) |
|||
| [Affected Platform] Ivanti Endpoint Manager versions up to and including 2024 SU4 SR1 |
|||
| [Recommended Actions]
|
|||
| [Reference] 1. https://nvd.nist.gov/vuln/detail/CVE-2026-1603 2. https://hub.ivanti.com/s/article/Security-Advisory-EPM-February-2026-for-EPM-2024?language=en_US |
|||
(This notification is for informational purposes only and does not constitute a cybersecurity incident).
If you have questions or suggestions regarding this notification, please feel free to contact us.
Ministry of education information & communication security contingency platform
Website: https://info.cert.tanet.edu.tw/
Phone: +886-7-5250211
Internet Phone: 98400000
E-Mail: service@cert.tanet.edu.tw
If you have questions or suggestions regarding this notification, please feel free to contact us.
Ministry of education information & communication security contingency platform
Website: https://info.cert.tanet.edu.tw/
Phone: +886-7-5250211
Internet Phone: 98400000
E-Mail: service@cert.tanet.edu.tw
Organizer:
Computer Center