嗯,用户让我帮忙总结一篇文章的内容,控制在100个字以内,而且不需要特定的开头。首先,我需要仔细阅读文章内容,找出关键信息。 文章主要讲的是美国CISA机构将Ivanti EPMM的一个漏洞加入到已知被利用的漏洞目录中。这个漏洞的CVE编号是CVE-2026-1281,CVSS评分高达9.8,属于严重级别。漏洞类型是代码注入,允许未经身份验证的攻击者进行远程代码执行。 接下来,文章提到Ivanti公司已经确认有有限数量的客户遭受了攻击,并且他们已经发布了补丁,并与安全合作伙伴和执法机构合作。此外,CISA要求联邦机构在2026年2月2日前修复这个漏洞。 总结的时候,我需要把这些关键点浓缩到100字以内。要包括CISA的动作、漏洞的严重性、影响范围以及应对措施。同时,语言要简洁明了,避免使用复杂的术语。 最后,检查一下是否符合用户的要求:100字以内、直接描述内容、不使用特定开头。确保没有遗漏重要信息,并且表达清晰。 </think> 美国网络安全和基础设施安全局(CISA)将Ivanti EPMM中的一个严重漏洞(CVE-2026-1281)加入其已知被利用漏洞目录。该漏洞允许未认证攻击者远程代码执行。Ivanti已发布补丁并展开调查,部分客户已遭利用。CISA要求联邦机构于2026年2月2日前修复该漏洞。 2026-1-30 10:40:41 Author: securityaffairs.com(查看原文) 阅读量:0 收藏
U.S. CISA adds a flaw in Ivanti EPMM to its Known Exploited Vulnerabilities catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Ivanti EPMM to its Known Exploited Vulnerabilities catalog.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added an Ivanti EPMM vulnerability, tracked as CVE-2026-1281 (CVSS score of 9.8), to its Known Exploited Vulnerabilities (KEV) catalog.
The vulnerability is a code injection that impacts Ivanti Endpoint Manager Mobile. An unauthenticated attacker can exploit the vulnerability to achieve remote code execution.
“A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated remote code execution.” reads the advisory.
The company confirmed that it is aware of attacks in the wild exploiting this vulnerability.
“We are aware of a very limited number of customers who have been exploited at the time of disclosure.” continues the advisory.
Ivanti said the investigation is ongoing and no reliable indicators of compromise are available yet, though technical guidance has been shared. Sentry and Ivanti Neurons for MDM are not vulnerable, and cloud customers are unaffected. Ivanti has released a patch, expanded customer support, and is working with security partners and law enforcement.
According to Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities, FCEB agencies have to address the identified vulnerabilities by the due date to protect their networks against attacks exploiting the flaws in the catalog.
Experts also recommend that private organizations review the Catalog and address the vulnerabilities in their infrastructure.
CISA orders federal agencies to fix the vulnerability by February 2, 2026.
US CISA also published an alert related to this flaw titled “Fortinet Releases Guidance to Address Ongoing Exploitation of Authentication Bypass Vulnerability CVE-2026-24858“
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, US CISA Known Exploited Vulnerabilities catalog)
如有侵权请联系:admin#unsafe.sh