CVE-2026-1603

CVSS 8.6 HIGH | EPSS 81.1% | KEV | CWE-288

In short

A flaw in Ivanti Endpoint Manager lets attackers bypass the authentication system and access stored passwords and login credentials without permission. This is dangerous because attackers can use these stolen credentials to access other systems and accounts.

Technical detail

An authentication bypass vulnerability in Ivanti Endpoint Manager versions prior to 2024 SU5 allows unauthenticated remote attackers to retrieve sensitive credential data. The vulnerability stems from improper authentication validation (CWE-288) and requires network access to the vulnerable endpoint. The retrieved credentials can potentially enable lateral movement and privilege escalation.

Summary generated and translated by AI from the official description.
An authentication bypass in Ivanti Endpoint Manager before version 2024 SU5 allows a remote unauthenticated attacker to leak specific stored credential data.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
