"Ivanti warned customers that attackers have successfully weaponized CVE-2026-6973, an improper input validation defect in Endpoint Manager Mobile (EPMM) that allows authenticated users with administrative privileges to run code remotely. The company did not say when the first instance of exploitation occurred, or precisely how many customers have been impacted."
"In a related development, attackers are actively exploiting a zero-day vulnerability affecting some Palo Alto Networks' customers' firewalls. As in the case of Ivanti, Palo Alto Networks did not say when or how it became aware of active exploitation, but said threat actors may have attempted to unsuccessfully exploit a recently disclosed critical security flaw as early as April 9, 2026."
"The memory corruption vulnerability, tracked as CVE-2026-0300, affects the authentication portal of PAN-OS and allows unauthenticated attackers to run code with root privileges on the PA-Series and VM-Series firewalls. Attack surface management platform Censys said it detected about 263,000 Internet-exposed hosts running PAN-OS."
Attackers are weaponizing vulnerabilities in enterprise software and network security products. Ivanti warned that CVE-2026-6973 in Endpoint Manager Mobile allows authenticated administrators to run code remotely due to improper input validation. Ivanti did not provide timing for the first exploitation or the number of affected customers. Attackers are also exploiting a Palo Alto Networks zero-day in PAN-OS. CVE-2026-0300 is a memory corruption flaw in the authentication portal that enables unauthenticated attackers to execute code with root privileges on PA-Series and VM-Series firewalls. Censys reported about 263,000 Internet-exposed PAN-OS hosts. Patches are expected to be released starting in May 2026.
Read at The Hacker News
Unable to calculate read time
Collection
[
|
...
]