Ethical Hacking News
U.S. government agencies have been warned by the Cybersecurity and Infrastructure Security Agency (CISA) to patch a critical-severity vulnerability in Ivanti Endpoint Manager Mobile (EPMM) that has been exploited in attacks since January. The agency has ordered federal civilian executive branch (FCEB) agencies to apply patches for the vulnerability, tracked as CVE-2026-1340, by Saturday midnight on April 11, as mandated by Binding Operational Directive (BOD) 22-01. Learn more about the critical-severity vulnerability and CISA's warning in our latest article.
U.S. government agencies have been warned by CISA to patch a critical-severity vulnerability in Ivanti Endpoint Manager Mobile (EPMM) due to its exploitation in attacks since January.The vulnerability enables threat actors without privileges to gain remote code execution, posing significant risks to federal enterprises.Nearly 950 IP addresses with Ivanti EPMM fingerprints are still exposed online, mostly from Europe and North America.CISA advises all defenders to prioritize applying patches for CVE-2026-1340 to secure their organizations' devices as soon as possible.This vulnerability is a frequent attack vector for malicious cyber actors and highlights the importance of timely patching and maintaining software security measures.
U.S. government agencies have been warned by the Cybersecurity and Infrastructure Security Agency (CISA) to patch a critical-severity vulnerability in Ivanti Endpoint Manager Mobile (EPMM) that has been exploited in attacks since January. The agency has ordered federal civilian executive branch (FCEB) agencies to apply patches for the vulnerability, tracked as CVE-2026-1340, by Saturday midnight on April 11, as mandated by Binding Operational Directive (BOD) 22-01.
The Ivanti EPMM flaw enables threat actors without privileges to gain remote code execution on Internet-exposed and unpatched EPMM appliances. Successful exploitation of this vulnerability could lead to unauthenticated remote code execution, posing significant risks to the federal enterprise. CISA has flagged this vulnerability alongside a second security bug (CVE-2026-1281) as abused in zero-day attacks when Ivanti released security updates on January 29.
According to Shadowserver, an internet security watchdog group, nearly 950 IP addresses with Ivanti EPMM fingerprints are still exposed online, mostly from Europe and North America. However, there is no information on how many of these have already been patched. CISA has warned that this type of vulnerability is a frequent attack vector for malicious cyber actors and advises all defenders to prioritize applying patches for CVE-2026-1340 to secure their organizations' devices as soon as possible.
Ivanti provides IT asset management products to over 40,000 customers through a network of more than 7,000 partners worldwide. Multiple other Ivanti vulnerabilities have been exploited in recent years via zero-day attacks to breach a wide range of targets, including government agencies globally. CISA has tagged 33 Ivanti vulnerabilities as exploited in attacks, with 12 of these used by various ransomware operations.
The exposure of this vulnerability highlights the importance of timely patching and maintaining software security measures. As CISA emphasizes, this type of vulnerability poses significant risks to federal enterprises and encourages all defenders to take proactive steps to secure their devices and prevent further exploitation.
Related Information:
https://www.ethicalhackingnews.com/articles/CISA-Urges-US-Government-Agencies-to-Patch-Exploited-Ivanti-EPMM-Flaw-by-Sunday-ehn.shtml
https://www.bleepingcomputer.com/news/security/cisa-orders-feds-to-patch-exploited-ivanti-epmm-flaw-by-sunday/
https://nvd.nist.gov/vuln/detail/CVE-2026-1340
https://www.cvedetails.com/cve/CVE-2026-1340/
https://nvd.nist.gov/vuln/detail/CVE-2026-1281
https://www.cvedetails.com/cve/CVE-2026-1281/
Published: Wed Apr 8 14:07:51 2026 by llama3.2 3B Q4_K_M
