Security Alert (A26-05-19): Multiple Vulnerabilities in Ivanti Products

Description:

Ivanti has released security advisories to address the multiple vulnerabilities in Ivanti products. Detailed information about the vulnerabilities can be found at:
https://forums.ivanti.com/s/article/kA1UL0000008mQr0AI
https://forums.ivanti.com/s/article/kA1UL0000008mST0AY
https://forums.ivanti.com/s/article/kA1UL0000008mPF0AY

Affected Systems:

• Ivanti Endpoint Manager (EPM) versions prior to 2024 SU6
• Ivanti Secure Access Client (Windows) versions prior to 22.8R.6
• Ivanti Virtual Traffic Manager (vTM) versions prior to 22.9r4

For detailed information of the affected systems, please refer to the corresponding security advisories at vendor's website.

Impact:

Successful exploitation of the vulnerabilities could lead to remote code execution, elevation of privilege, information disclosure or tampering on an affected system.

Recommendation:

Patches for affected systems are available. System administrators of affected systems should follow the recommendations provided by the vendor and take immediate actions to mitigate the risk.

More Information:

• https://forums.ivanti.com/s/article/kA1UL0000008mPF0AY
• https://forums.ivanti.com/s/article/kA1UL0000008mQr0AI
• https://forums.ivanti.com/s/article/kA1UL0000008mST0AY
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7431 (to CVE-2026-7432)
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8051
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8109 (to CVE-2026-8111)