CVE-2026-1603

HIGH Actively Exploited

Authentication Bypass Allows Credential Leakage in Ivanti Endpoint Manager

CVSS v3

8.6

HIGH

EPSS Score

55.9%

exploit probability

CISA KEV

No

known exploited

Exploitation

active

SSVC status

Description

An authentication bypass in Ivanti Endpoint Manager before version 2024 SU5 allows a remote unauthenticated attacker to leak specific stored credential data.

Technical Details

CVSS v3 Vector
3.1
Published
2/10/2026
Last Modified
3/10/2026

Frequently Asked Questions

What is CVE-2026-1603?

An authentication bypass in Ivanti Endpoint Manager before version 2024 SU5 allows a remote unauthenticated attacker to leak specific stored credential data.

Is CVE-2026-1603 actively exploited?

Yes. CVE-2026-1603 has been observed in active exploitation according to SSVC analysis.

What is the CVSS score for CVE-2026-1603?

CVE-2026-1603 has a CVSS v3 base score of 8.6 (HIGH severity), with vector string 3.1.

Is CVE-2026-1603 affecting your environment?

Use isMalicious to check if any of your IPs or domains are associated with this vulnerability's IOCs.

Check an IPSearch CVEs
Back to CVE Database