Bleepingcomputer
CISA Warns of Active Exploitation of Ivanti EPM Vulnerability CVE-2026-1603
First seen 10 Mar 2026, 11:57 UTC
•
•71% similarity
•72.0
Share:
Export
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
Browse articles
CISA has identified a high-severity vulnerability in Ivanti Endpoint Manager (EPM), tracked as CVE-2026-1603, which is currently being exploited in attacks. The flaw allows remote threat actors to bypass authentication and steal credential data, prompting an urgent directive for U.S. federal agencies to patch their systems within three weeks.
ThreatCluster AI
Timeline
2024-05-31
CVE-2024-29824 published
2025-01-14
CVE-2024-13161 published
2025-01-14
CVE-2024-13159 published
2025-01-14
CVE-2024-13160 published
2026-02-10
CVE-2026-1603 published
2026-03-09
CVE-2026-1603 added to CISA KEV (active exploitation)
2026-03-10
CISA issues patch directive for federal agencies