PT-2026-47808 · Ivanti · Epmm
Published
2026-06-09
·
Updated
2026-06-09
·
CVE-2026-10727
CVSS v3.1
7.2
High
| Vector | AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Ivanti EPMM versions prior to 12.9.0.1
Ivanti EPMM versions prior to 12.8.0.3
Ivanti EPMM versions prior to 12.7.0.2
Description
An OS command injection issue allows a remote authenticated attacker to execute arbitrary commands with root privileges. OS command injection is a flaw where an application executes unauthorized operating system commands via unsanitized input.
Recommendations
Update to version 12.9.0.1 or later.
Update to version 12.8.0.3 or later.
Update to version 12.7.0.2 or later.
Fix
OS Command Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Epmm