CVE-2026-5787

An Improper Certificate Validation in Ivanti EPMM before versions 12.6.1.1, 12.7.0.1, and 12.8.0.1 allows a remote unauthenticated attacker to impersonate registered Sentry hosts and obtain valid CA-signed client certificates.

high 8.9 CVSS 3.1
Published: May 7, 2026
Modified: May 7, 2026
Vendor: Ivanti
Product: Endpoint Manager Mobile
Versions: 12.7.0.0,12.8.0.0

Description

An Improper Certificate Validation in Ivanti EPMM before versions 12.6.1.1, 12.7.0.1, and 12.8.0.1 allows a remote unauthenticated attacker to impersonate registered Sentry hosts and obtain valid CA-signed client certificates.

References

Related CVEs

CVE-2026-8111 high · 8.8
SQL injection in the web console of Ivanti Endpoint Manager before version 2024 SU6 allows a remote authenticated attacker to achieve remote code execution.
CVE-2026-7432 high · 7.8
A race condition in Ivanti Secure Access Client before 22.8R6 allows a locally authenticated user to escalate privileges to SYSTEM
CVE-2026-8043 critical · 9.6
External control of a file name in Ivanti Xtraction before version 2026.2 allows a remote authenticated attacker to read sensitive files and write arbitrary HTML files to a web dir
CVE-2026-8109 medium · 6.5
An exposed dangerous method on the Core Server of Ivanti Endpoint Manager before version 2024 SU6 allows a remote authenticated attacker to leak access credentials.
CVE-2026-8110 high · 7.8
Incorrect permissions assignment in the agent of Ivanti Endpoint Manager before version 2024 SU6 allows a local authenticated attacker to escalate their privileges.
CVE-2026-7431 medium · 4.4
An incorrect permission assignment for critical resource of Ivanti Secure Access Client   before 22.8R6 allows a local authenticated user to read or modify sensitive log data via w