PT-2026-38455 · Ivanti · Epmm

Published

2026-05-07

Updated

2026-06-07

CVE-2026-5788

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Ivanti EPMM versions prior to 12.6.1.1 Ivanti EPMM versions prior to 12.7.0.1 Ivanti EPMM versions prior to 12.8.0.1

Description Improper Access Control allows a remote unauthenticated attacker to invoke arbitrary methods.

Recommendations Update to version 12.6.1.1 or later. Update to version 12.7.0.1 or later. Update to version 12.8.0.1 or later.

Fix

Improper Access Control

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-284

Related Identifiers

CVE-2026-5788

Affected Products

Epmm

PT-2026-38455 · Ivanti · Epmm

CVE-2026-5788

Weakness Enumeration

Related Identifiers

Affected Products

References · 8