CISA Warns of Active Exploitation of Ivanti EPM Vulnerability CVE-2026-1603

CISA Warns of Active Exploitation of Ivanti EPM Vulnerability CVE-2026-1603

First seen 10 Mar 2026, 11:57 UTC Bleepingcomputer 71% similarity 72.0

Article Content

Browse articles
ThreatCluster

CISA has identified a high-severity vulnerability in Ivanti Endpoint Manager (EPM), tracked as CVE-2026-1603, which is currently being exploited in attacks. The flaw allows remote threat actors to bypass authentication and steal credential data, prompting an urgent directive for U.S. federal agencies to patch their systems within three weeks.

ThreatCluster AI

Timeline

2024-05-31
CVE-2024-29824 published
2025-01-14
CVE-2024-13161 published
2025-01-14
CVE-2024-13159 published
2025-01-14
CVE-2024-13160 published
2026-02-10
CVE-2026-1603 published
2026-03-09
CVE-2026-1603 added to CISA KEV (active exploitation)
2026-03-10
CISA issues patch directive for federal agencies

Community

Browse all →