Ivanti Endpoint Manager Mobile Vulnerability Enables Remote Code Execution Attacks

A high-severity configuration-injection vulnerability (CVE-2026-6973) in Ivanti Endpoint Manager Mobile (EPMM) allows authenticated, high-privilege attackers to inject arbitrary Apache directives and achieve remote code execution; affected versions include 12.9.0, 12.8.0.2, and 12.7.0.1, and Ivanti has released patches (12.9.0.1, 12.8.0.3, 12.7.0.2). Immediate patching, review of privileged access controls, and monitoring for unusual Apache behavior are recommended, although Ivanti reports no evidence of active exploitation or public IOCs at disclosure.