【Vulnerability Alert】Ivanti’s Endpoint Manager contains a high-risk information security vulnerability (CVE-2026-8111)
Source: Ministry of education information & communication security contingency platform
"" "" ""
| Publication Number | TACERT-ANA-2026051404053232 | Publication Time | 2026-05-14 16:49:33 |
| Incident Type | ANA-Vulnerability Alert | Discovery Time | 2026-05-14 16:49:33 |
| Impact Level | Low | ||
| [Subject] 【Vulnerability Alert】Ivanti’s Endpoint Manager contains a high-risk information security vulnerability (CVE-2026-8111) |
|||
| [Content]
Forwarded from TWCERTCC-200-202605-00000006 Ivanti’s Endpoint Manager (EPM) is a system specifically designed for device management, providing management and protection for Windows, macOS, and Linux devices. Recently, Ivanti released an advisory on a critical information security vulnerability (CVE-2026-8111, CVSS: 8.8). This is an SQL injection vulnerability, allowing an authenticated remote attacker to achieve remote code execution. Information Sharing Level: WHITE (The information content is information that may be publicly disclosed) |
|||
| [Affected Platform]
Ivanti Endpoint Manager versions earlier than 2024 SU6 (excluding) |
|||
| [Recommended Actions]
Please update to Ivanti Endpoint Manager 2024 SU6 (inclusive) or later versions.
|
|||
|
[Reference] |
|||
If you have questions or suggestions regarding this notification, please feel free to contact us.
Ministry of education information & communication security contingency platform
Website: https://info.cert.tanet.edu.tw/
Phone: +886-7-5250211
Internet Phone: 98400000
E-Mail: service@cert.tanet.edu.tw