Security Data and Risk Analyst

Fortinet, Ivanti, Intel patch high-severity vulnerabilities. The bugs could lead to arbitrary code execution, privilege escalation, or authentication rate-limit bypass. | March 11, 2026 (8:10 AM ET) Fortinet, Ivanti, and Intel on Tuesday rolled out security fixes for dozens of vulnerabilities, including high-severity bugs that could be exploited for arbitrary code execution, privilege escalation, or security protection bypasses. Fortinet announced patches for 22 security defects across its products, including high-severity flaws in FortiWeb, FortiSwitchAXFixed, FortiManager, and FortiClientLinux. The FortiWeb, FortiSwitchAXFixed, and FortiManager issues could be exploited by remote, unauthenticated attackers to bypass the authentication rate limit or execute unauthorized code or commands. The FortiClientLinux weakness, described as a Symlink following vulnerability, could allow local attackers to escalate their privileges to root. On Tuesday, Fortinet also addressed medium- and low-severity flaws that could lead to data tampering, security protection bypasses, arbitrary code execution, information disclosure, denial-of-service (DoS), arbitrary command execution, privilege escalation, or social engineering attacks. Fortinet made no mention of any of these vulnerabilities being exploited in the wild. Ivanti rolled out fixes for a high-severity security defect in Desktop and Server Management (DSM) before version 2026.1.1 that could allow attackers to elevate their privileges, noting that it is not aware of the flaw being exploited. Intel published an advisory describing nine vulnerabilities in the UEFI for some Intel reference platforms, including five high-severity bugs that could lead to local code execution, privilege escalation, and information disclosure. UEFI firmware updates were released for over 45 Intel processor models affected by these security defects. None of these appears to have been exploited in the wild. Ionut Arghire is an international correspondent for SecurityWeek.

Critical Ivanti Endpoint Manager 0-day RCE vulnerabilities actively exploited in attacks. Two critical code-injection vulnerabilities have been disclosed in the Endpoint Manager Mobile (EPMM) platform, which are currently being actively exploited in real-world attacks. The security flaws, tracked as CVE-2026-1281 and CVE-2026-1340, allow unauthenticated attackers to execute arbitrary code remotely on vulnerable systems. The vulnerabilities carry a maximum CVSS severity score of 9.8 and affect multiple versions of EPMM, including 12.5.0.0, 12.6.0.0, and 12.7.0.0. According to Ivanti's security advisory published on January 29, 2026, the company is aware of a limited number of customer environments that have already been compromised at the time of disclosure. Active exploitation confirmed. Both vulnerabilities stem from code-injection weaknesses (CWE-94) that can be exploited without authentication or user interaction. The attack vector is network-based and low-complexity, enabling threat actors to compromise vulnerable EPMM instances remotely with minimal effort. Successful exploitation grants attackers complete control over the confidentiality, integrity, and availability of affected systems. Ivanti has released version-specific RPM patches to address the security flaws. At the same time, customers await the permanent fix scheduled for version 12.8.0.0 in Q1 2026. The temporary patches require no system downtime and do not impact feature functionality. However, administrators must reapply the RPM script after version upgrades. Organizations running EPMM should immediately apply the version-specific RPM patches available through Ivanti's support portal. Customers using versions 12.5.0.x through 12.7.0.x require RPM 12.x.0.x, while those on 12.5.1.0 or 12.6.1.0 should deploy RPM 12.x.1.x. The company emphasizes that only one patch is needed based on the deployed version. Ivanti recommends security-conscious organizations consider rebuilding EPMM environments and migrating data to replacement systems as the most conservative remediation approach. The company has provided technical analysis documentation with forensic guidance, though reliable indicators of compromise remain unavailable as investigations continue. Notably, other Ivanti products including Endpoint Manager (EPM), Neurons for MDM, and Sentry appliances are not affected by these vulnerabilities. Follow Cryptika on Google News, LinkedIn, and X for daily cybersecurity updates. Contact Cryptika to feature your stories. The post critical Ivanti Endpoint Manager 0-day RCE vulnerabilities actively exploited in attacks appeared first on cyber security News. Ivanti MobileIron API Access Flaw let Attackers Access Sensitive InformationAugust 3, 2023In "Cybersecurity News - Original News Source is cybersecuritynews.com"

Ivanti, a global enterprise IT and security software company, has unveiled AI-driven enhancements to its Neurons platform, introducing agentic AI capabilities, autonomous endpoint management and advanced asset visibility features. The updates include persona-based AI agents for IT service management that provide autonomous, goal-directed support through natural language interaction. The agentic AI customer preview launches in Q1 2026, with general availability later in the year. Ivanti's Autonomous Endpoint Management combines digital employee experience, unified endpoint management and security, using AI-powered automation to manage and protect devices. The company has also enhanced asset visibility through Ivanti Neurons for Discovery, offering comprehensive asset intelligence with embedded licence management and unified risk insights. Over 34,000 customers, including 85 Fortune 100 companies, use Ivanti's solutions.