MEIFP – Most Exploited Internet-Facing Products

Ivanti

Products: Avalanche · CSA (Cloud Services Appliance) · Connect Secure · EPMM · Endpoint Manager · Endpoint Manager Mobile · ICS · IPS · MobileIron Sentry · Neurons for ZTA gateways · Policy Secure · Sentry · vTM

843.4

Score

CVEs

Active

PoC

KEV

Rank

Period:

Product:

CVE ID	Published	CVSS	Exploit	KEV	AC	PR	Auto	Score(hover)	Affected Products	Description
CVE-2026-10520	2026-06-09	10.0v3.1	ACTIVE		Low	None	YES	40.6	Sentry	An OS Command Injection vulnerability in Ivanti Sentry before the R10.5.2, R10.6.2 and R10.7.1 versions allows a remote unauthenticated user to achieve root-level remote code execution
CVE-2026-6973	2026-05-07	7.2v3.1	ACTIVE		Low	High	no	24.0	Endpoint Manager Mobile	An Improper Input Validation in Ivanti EPMM before versions 12.6.1.1, 12.7.0.1, and 12.8.0.1 allows a remotely authenticated user with administrative access to achieve remote code execution.
CVE-2026-1603	2026-02-10	8.6v3.1	ACTIVE		Low	None	YES	40.6	Endpoint Manager	An authentication bypass in Ivanti Endpoint Manager before version 2024 SU5 allows a remote unauthenticated attacker to leak specific stored credential data.
CVE-2026-1281	2026-01-29	9.8v3.1	ACTIVE		Low	None	YES	40.6	Endpoint Manager Mobile	A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated remote code execution.
CVE-2026-1340	2026-01-29	9.8v3.1	ACTIVE		Low	None	YES	40.6	Endpoint Manager Mobile	A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated remote code execution.
CVE-2025-4427	2025-05-13	5.3v3.1	ACTIVE		Low	None	YES	40.6	Endpoint Manager Mobile	An authentication bypass in the API component of Ivanti Endpoint Manager Mobile 12.5.0.0 and prior allows attackers to access protected resources without proper credentials via the API.
CVE-2025-4428	2025-05-13	7.2v3.1	ACTIVE		Low	High	YES	31.2	Endpoint Manager Mobile	Remote Code Execution in API component in Ivanti Endpoint Manager Mobile 12.5.0.0 and prior on unspecified platforms allows authenticated attackers to execute arbitrary code via crafted API requests.
CVE-2025-22457	2025-04-03	9.0v3.1	ACTIVE		High	None	no	26.0	Connect SecureNeurons for ZTA gatewaysPolicy Secure	A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.6, Ivanti Policy Secure before version 22.7R1.4, and Ivanti ZTA Gateways before version 22.8R2.2 allows a remote unauthenticated attacker to achieve remote code execution.
CVE-2024-10811	2025-01-14	9.8v3.1	POC	—	Low	None	YES	0.0	Endpoint Manager	Absolute path traversal in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to leak sensitive information.
CVE-2024-13159	2025-01-14	9.8v3.1	ACTIVE		Low	None	YES	40.6	Endpoint Manager	Absolute path traversal in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to leak sensitive information.
CVE-2024-13160	2025-01-14	9.8v3.1	ACTIVE		Low	None	YES	40.6	Endpoint Manager	Absolute path traversal in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to leak sensitive information.
CVE-2024-13161	2025-01-14	9.8v3.1	ACTIVE		Low	None	YES	40.6	Endpoint Manager	Absolute path traversal in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to leak sensitive information.
CVE-2025-0282	2025-01-08	9.0v3.1	ACTIVE		High	None	YES	33.8	Connect SecureNeurons for ZTA gatewaysPolicy Secure	A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2, and Ivanti Neurons for ZTA gateways before version 22.7R2.3 allows a remote unauthenticated attacker to achieve remote code execution.
CVE-2024-9379	2024-10-08	6.5v3.1	ACTIVE		Low	High	no	24.0	CSA (Cloud Services Appliance)	SQL injection in the admin web console of Ivanti CSA before version 5.0.2 allows a remote authenticated attacker with admin privileges to run arbitrary SQL statements.
CVE-2024-9380	2024-10-08	7.2v3.1	ACTIVE		Low	High	no	24.0	CSA (Cloud Services Appliance)	An OS command injection vulnerability in the admin web console of Ivanti CSA before version 5.0.2 allows a remote authenticated attacker with admin privileges to obtain remote code execution.
CVE-2024-8963	2024-09-19	9.4v3.1	ACTIVE		Low	None	YES	40.6	CSA (Cloud Services Appliance)	Path Traversal in the Ivanti CSA before 4.6 Patch 519 allows a remote unauthenticated attacker to access restricted functionality.
CVE-2024-8190	2024-09-10	7.2v3.1	ACTIVE		Low	High	no	24.0	CSA (Cloud Services Appliance)	An OS command injection vulnerability in Ivanti Cloud Services Appliance versions 4.6 Patch 518 and before allows a remote authenticated attacker to obtain remote code execution. The attacker must have admin level privileges to exploit this vulnerability.
CVE-2024-7593	2024-08-13	9.8v3.1	ACTIVE		Low	None	YES	40.6	vTM	Incorrect implementation of an authentication algorithm in Ivanti vTM other than versions 22.2R1 or 22.7R2 allows a remote unauthenticated attacker to bypass authentication of the admin panel.
CVE-2024-29204	2024-04-19	9.8v3.0	POC	—	Low	None	no	0.0	Avalanche	A Heap Overflow vulnerability in WLAvalancheService component of Ivanti Avalanche before 6.4.3 allows a remote unauthenticated attacker to execute arbitrary commands
CVE-2024-22024	2024-02-13	8.3v3.0	POC	—	Low	None	YES	0.0	ICSIPS	An XML external entity or XXE vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x), Ivanti Policy Secure (9.x, 22.x) and ZTA gateways which allows an attacker to access certain restricted resources without authentication.
CVE-2024-21893	2024-01-31	8.2v3.0	ACTIVE		Low	None	YES	40.6	ICSIPS	A server-side request forgery vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) and Ivanti Neurons for ZTA allows an attacker to access certain restricted resources without authentication.
CVE-2023-46805	2024-01-12	8.2v3.0	ACTIVE		Low	None	YES	40.6	ICSIPS	An authentication bypass vulnerability in the web component of Ivanti ICS 9.x, 22.x and Ivanti Policy Secure allows a remote attacker to access restricted resources by bypassing control checks.
CVE-2024-21887	2024-01-12	9.1v3.0	ACTIVE		Low	High	no	24.0	ICSIPS	A command injection vulnerability in web components of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows an authenticated administrator to send specially crafted requests and execute arbitrary commands on the appliance.
CVE-2023-38035	2023-08-21	9.8v3.1	ACTIVE		Low	None	YES	40.6	MobileIron Sentry	A security vulnerability in MICS Admin Portal in Ivanti MobileIron Sentry versions 9.18.0 and below, which may allow an attacker to bypass authentication controls on the administrative interface due to an insufficiently restrictive Apache HTTPD configuration.
CVE-2023-35082	2023-08-15	10.0v3.0	ACTIVE		Low	None	YES	40.6	EPMM	An authentication bypass vulnerability in Ivanti EPMM 11.10 and older, allows unauthorized users to access restricted functionality or resources of the application without proper authentication. This vulnerability is unique to CVE-2023-35078 announced earlier.
CVE-2023-35081	2023-08-03	7.2v3.0	ACTIVE		Low	High	no	24.0	EPMM	A path traversal vulnerability in Ivanti EPMM versions (11.10.x < 11.10.0.3, 11.9.x < 11.9.1.2 and 11.8.x < 11.8.1.2) allows an authenticated administrator to write arbitrary files onto the appliance.
CVE-2023-35078	2023-07-25	10.0v3.0	ACTIVE		Low	None	YES	40.6	Endpoint Manager Mobile	An authentication bypass vulnerability in Ivanti EPMM allows unauthorized users to access restricted functionality or resources of the application without proper authentication.

Each CVE: 10 pts base (Active only), boosted by:

KEV×2.0AC: Low×1.2PR: None×1.3PR: Low×1.1Auto×1.3