The US Cybersecurity and Infrastructure Safety Company (CISA) has warned that an authentication bypass vulnerability patched in Ivanti Endpoint Supervisor (EPM) final month is now being exploited within the wild. The company has additionally up to date its directive associated to 2 Cisco Catalyst SD-WAN flaws that had been additionally mounted final month after being utilized in zero-day assaults.
The Ivanti EPM vulnerability, tracked as CVE-2026-1603, impacts EPM variations previous to 2024 SU5. It permits a distant, unauthenticated attacker to leak saved credential knowledge and was patched on Feb. 9 together with one other EPM SQL injection flaw tracked as CVE-2026-1602.
On the time, Ivanti credited a researcher working with Development Micro’s Zero Day Initiative program for reporting the vulnerabilities and mentioned that it was not conscious of consumers being exploited by these vulnerabilities.
