He was commenting on an advisory issued Thursday by Ivanti in regards to the discovery of 5 holes in its Endpoint Supervisor Cell (EPMM) suite. Updates for all can be found.
The failings are critical sufficient that the US Cybersecurity and Infrastructure Safety Company (CISA) added one of many vulnerabilities to its Recognized Exploited Vulnerabilities Catalog as a result of it’s being actively exploited.
“This isn’t an remoted incident,” Enderle added. “It’s a continuation of the cycle we noticed in January, suggesting an underlying structure struggling to resist trendy threats.”
A “very restricted variety of clients” have been exploited via one of many vulnerabilities revealed this week, CVE-2026-6973. An improper enter validation in EPMM earlier than variations 12.6.1.1, 12.7.0.1, and 12.8.0.1 permits a remotely authenticated consumer with administrative entry to carry out distant code execution.
