CVE-2026-8109

Summary

An exposed dangerous method on the Core Server of Ivanti Endpoint Manager before version 2024 SU6 allows a remote authenticated attacker to leak access credentials.

Affected Software

VendorProductVersion RangeStatus
ivantiEndpoint Manager2024 SU6unaffected

Weaknesses

  • CWE-749: CWE-749 Exposed dangerous method or function

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References