AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

🔥 This vulnerability is being actively exploited in the wild (CISA Known Exploited Vulnerabilities catalog)

CVE-2026-1603: Ivanti Endpoint Manager (EPM) Authentication Bypass Vulnerability

infovulnerability🔥 Actively Exploited

security

Source: CISA Known Exploited VulnerabilitiesMarch 8, 2026CVE-2026-1603

Summary

Ivanti Endpoint Manager (EPM) has a vulnerability that allows attackers to bypass authentication (skip normal login checks) through an alternate path or channel, potentially exposing stored credential data (saved login information) without needing valid credentials. This vulnerability is currently being actively exploited by attackers.

Solution / Mitigation

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. For details, see the vendor's security advisory at https://hub.ivanti.com/s/article/Security-Advisory-EPM-February-2026-for-EPM-2024?language=en_US

Vulnerability Details

EPSS (30-day exploit probability)

EPSS: 67.7%

Exploit Maturity

🔥 Actively Exploited

Classification

Attack SophisticationModerate

Taxonomy References

CWE (Weakness Type)

CWE-288

Original source: https://nvd.nist.gov/vuln/detail/CVE-2026-1603

First tracked: March 9, 2026 at 04:00 PM

Classified by LLM (prompt v3) · confidence: 95%