嗯,用户让我总结一下这篇文章的内容,控制在100字以内,而且不需要用“文章内容总结”或者“这篇文章”这样的开头。直接写描述即可。 首先,我需要通读整篇文章,抓住主要信息。文章讲的是Ivanti修复了Endpoint Manager的多个漏洞,包括一个严重的认证绕过漏洞,CVSS评分8.6。这个漏洞允许攻击者在无需认证的情况下远程窃取敏感登录信息。此外,还修复了一个中等严重性的SQL注入漏洞(CVE-2026-1602),评分6.5。这些漏洞是在2024年11月由Trend Micro的ZDI报告的。Ivanti在2024 SU5版本中修复了这些问题,并且没有已知的野外攻击利用这些漏洞的情况。 接下来,我需要把这些信息浓缩到100字以内。重点包括:Ivanti修复了超过12个漏洞,其中一个是高危认证绕过,允许远程窃取凭据;还有一个中危SQL注入;这些漏洞是在2024年11月报告的;修复版本是SU5;没有已知野外利用。 然后组织语言,确保流畅且符合要求。不需要使用特定的开头词,直接描述内容。 最后检查字数是否符合要求,并确保信息准确无误。 </think> Ivanti修复了Endpoint Manager中的多个漏洞,包括一个高危认证绕过(CVE-2026-1603),允许攻击者远程窃取敏感凭据;还修复了一个中危SQL注入(CVE-2026-1602)。这些漏洞由Trend Micro于2024年11月报告,已在版本SU5中修复。 2026-2-12 06:13:41 Author: securityaffairs.com(查看原文) 阅读量:0 收藏
Multiple Endpoint Manager bugs patched by Ivanti, including remote auth bypass
Pierluigi Paganini
February 12, 2026
Ivanti patched over a dozen Endpoint Manager flaws, including a high-severity auth bypass that let attackers steal credentials remotely.
Ivanti released patches for more than a dozen vulnerabilities in Endpoint Manager, including flaws disclosed in October 2025. The update addresses a high-severity authentication bypass, tracked as CVE-2026-1603 (CVSS score of 8.6), that attackers could exploit remotely without credentials to access and steal sensitive login information.
An authentication bypass in Ivanti Endpoint Manager before version 2024 SU5 allows a remote unauthenticated attacker to leak specific stored credential data.
“An authentication bypass in Ivanti Endpoint Manager before version 2024 SU5 allows a remote unauthenticated attacker to leak specific stored credential data.” reads the advisory.
The company also fixed a medium-severity SQL injection, tracked as CVE-2026-1602 (CVSS score of 6.5), in Ivanti Endpoint Manager.
“SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database.” continues the advisory.
Trend Micro’s ZDI reported the flaws to Ivanti in November 2024, threat actors could exploit the bugs to escalate privileges and run code remotely.
The company said it is not aware of attacks in the wild exploiting these vulnerabilities before public disclosure.
EPM 2024 SU5 addressed both vulnerabilities.
In December, the software firm addressed a newly disclosed vulnerability, tracked as CVE-2025-10573 (CVSS score 9.6), in its Endpoint Manager (EPM) solution.
The vulnerability is a Stored XSS that could allow a remote unauthenticated attacker to execute arbitrary
“Stored XSS in Ivanti Endpoint Manager prior to version 2024 SU4 SR1 allows a remote unauthenticated attacker to execute arbitrary JavaScript in the context of an administrator session. User interaction is required.” reads the advisory.
The flaw impacts Ivanti Endpoint Manager prior to version 2024 SU4 SR1.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, Endpoint Manager)
如有侵权请联系:admin#unsafe.sh