CVE-2026-1603 – Ivanti Endpoint Manager Authentication Bypass Vulnerability
“One missing check can turn your management system into a credential leak.”
Ivanti released a security update to fix an authentication bypass vulnerability in Endpoint Manager tracked as CVE-2026-1603. The issue affects Endpoint Manager versions prior to 2024 SU5 and allows a remote, unauthenticated attacker to bypass authentication controls and retrieve certain stored credential data from the system. Because Endpoint Manager manages endpoints across enterprise environments, exposure of credential data can create a pathway for broader network compromise.
CVE-2026-1603 has a CVSS score of 8.6, which is High severity. The vulnerability can be exploited remotely without authentication or user interaction, increasing the risk for exposed or internet-reachable management servers. The patch was released in the 2024 SU5 update.
Security agencies have confirmed real-world exploitation of this vulnerability. It has been added to a government-maintained catalog of actively exploited vulnerabilities, prompting urgent patching requirements for affected systems.
Key Details
- Affected Product: Ivanti Endpoint Manager
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- CWE Classification: CWE-288