CyberIntel ⬡ News
★ Saved ◆ Cyber Reads
← Back ◇ Industry News & Leadership Jun 03, 2026

Ivanti ITSM Vulnerability Lets Attackers Gain Admin Privilege

Cybersecurity News Archived Jun 03, 2026 ✓ Full text saved

Ivanti has disclosed a high-severity vulnerability in its Ivanti Neurons for ITSM platform that could allow attackers with valid credentials to escalate privileges and gain full administrative access. The flaw, tracked as CVE-2026-9614, affects both cloud and on-premises deployments and has been assigned a CVSS score of 8.8, indicating a significant security risk in enterprise […] The post Ivanti ITSM Vulnerability Lets Attackers Gain Admin Privilege appeared first on Cyber Security News .

Full text archived locally
✦ AI Summary · Claude Sonnet


    HomeCyber Security News Ivanti ITSM Vulnerability Lets Attackers Gain Admin Privilege By Abinaya June 3, 2026 Ivanti has disclosed a high-severity vulnerability in its Ivanti Neurons for ITSM platform that could allow attackers with valid credentials to escalate privileges and gain full administrative access.  The flaw, tracked as CVE-2026-9614, affects both cloud and on-premises deployments and has been assigned a CVSS score of 8.8, indicating a significant security risk in enterprise environments. The vulnerability stems from improper access control, categorized under CWE-284. According to Ivanti, a remote authenticated attacker can exploit this issue without requiring user interaction, enabling unauthorized elevation to administrator-level permissions. The CVSS vector highlights that the attack can be executed over the network with low complexity and limited privileges, while potentially impacting confidentiality, integrity, and availability. Ivanti ITSM Vulnerability Ivanti Neurons for ITSM is widely used for IT service management workflows, including ticketing, asset tracking, and automation. Administrative access within such platforms can expose sensitive organizational data and allow attackers to manipulate system configurations or create persistent backdoors. For example, an attacker with compromised low-level credentials could exploit CVE-2026-9614 to elevate privileges and modify user roles, effectively taking control of the ITSM environment. The vulnerability impacts on-premises versions 2025.4 and earlier. Ivanti has released patches to address the issue in version 2025.4 Patch 1, as well as backported fixes in 2025.3 Patch 1 and 2025.2 Patch 1. Organizations running affected versions are strongly advised to update immediately through the Ivanti License System portal. For cloud customers, Ivanti has already applied fixes across all environments. The company confirmed that patches were deployed during updates rolled out on May 24 and 25, specifically in versions 2026.1 Patch 9 and 2026.2 Patch 1. Additional updates were later issued to resolve a separate logging issue affecting IP address tracking. However, this secondary bug is unrelated to the core vulnerability. At the time of disclosure, Ivanti stated that there is no evidence of active exploitation in the wild. However, given the ease of exploitation and the potential impact, the company issued an out-of-band security advisory to accelerate remediation efforts. Ivanti also noted that there are currently no publicly available indicators of compromise associated with this vulnerability. As a precaution, organizations are encouraged to audit role-based access controls and verify that administrative privileges are restricted to intended users. Misconfigured roles could increase exposure and make exploitation easier. Security teams should prioritize patching and conduct internal reviews of access permissions within their ITSM deployments. Given the critical role these platforms play in enterprise operations, timely remediation is essential to prevent potential abuse by threat actors. Free Webinar on OWASP API Top 10 and Guide to Close Visibility Gaps With WAAP Tags cyber security cyber security news Copy URL Linkedin Twitter ReddIt Telegram Abinayahttps://cybersecuritynews.com/ Abi is a Security Editor and fellow reporter with Cyber Security News. She is covering various cyber security incidents happening in the Cyber Space. Trending News Critical Magento Cache Plugin Vulnerability Enables Remote Code Execution Attacks Critical OpenVPN Connect for macOS Vulnerability Let Attackers Execute Arbitrary Commands Hackers Use Meta’s AI Bot to Reset Passwords and Hijack Instagram Accounts Claude Code’s GitHub Actions Vulnerability Lets Attackers Compromise Any Repository AI-Generated npm Malware Accidentally Exposes Threat Actor’s Private GitHub Token Latest News Cyber Security News Hackers Use YouTube and SEO Poisoning to Spread WeedHack Minecraft Malware Cyber Security News Microsoft 365 Android Apps Account Takeover Vulnerability Impacted Billions of Android Users Cyber Security News Windows Search URI Handler Flaw Leaks NTLMv2 Hashes to Attacker-Controlled Servers Cyber Security HTTP/2 Bomb — Remote DoS Exploit Hits nginx, Apache, IIS, Envoy, and Cloudflare Pingora Cyber Security 1-Click GitHub Token Vulnerability Lets Attackers Steal Users’ OAuth Tokens
    💬 Team Notes
    Article Info
    Source
    Cybersecurity News
    Category
    ◇ Industry News & Leadership
    Published
    Jun 03, 2026
    Archived
    Jun 03, 2026
    Full Text
    ✓ Saved locally
    Open Original ↗