Ivanti ITSM Vulnerability Lets Attackers Gain Admin Privilege
Cybersecurity NewsArchived Jun 03, 2026✓ Full text saved
Ivanti has disclosed a high-severity vulnerability in its Ivanti Neurons for ITSM platform that could allow attackers with valid credentials to escalate privileges and gain full administrative access. The flaw, tracked as CVE-2026-9614, affects both cloud and on-premises deployments and has been assigned a CVSS score of 8.8, indicating a significant security risk in enterprise […] The post Ivanti ITSM Vulnerability Lets Attackers Gain Admin Privilege appeared first on Cyber Security News .
Full text archived locally
✦ AI Summary· Claude Sonnet
HomeCyber Security News
Ivanti ITSM Vulnerability Lets Attackers Gain Admin Privilege
By Abinaya
June 3, 2026
Ivanti has disclosed a high-severity vulnerability in its Ivanti Neurons for ITSM platform that could allow attackers with valid credentials to escalate privileges and gain full administrative access.
The flaw, tracked as CVE-2026-9614, affects both cloud and on-premises deployments and has been assigned a CVSS score of 8.8, indicating a significant security risk in enterprise environments. The vulnerability stems from improper access control, categorized under CWE-284.
According to Ivanti, a remote authenticated attacker can exploit this issue without requiring user interaction, enabling unauthorized elevation to administrator-level permissions.
The CVSS vector highlights that the attack can be executed over the network with low complexity and limited privileges, while potentially impacting confidentiality, integrity, and availability.
Ivanti ITSM Vulnerability
Ivanti Neurons for ITSM is widely used for IT service management workflows, including ticketing, asset tracking, and automation.
Administrative access within such platforms can expose sensitive organizational data and allow attackers to manipulate system configurations or create persistent backdoors.
For example, an attacker with compromised low-level credentials could exploit CVE-2026-9614 to elevate privileges and modify user roles, effectively taking control of the ITSM environment. The vulnerability impacts on-premises versions 2025.4 and earlier.
Ivanti has released patches to address the issue in version 2025.4 Patch 1, as well as backported fixes in 2025.3 Patch 1 and 2025.2 Patch 1.
Organizations running affected versions are strongly advised to update immediately through the Ivanti License System portal.
For cloud customers, Ivanti has already applied fixes across all environments. The company confirmed that patches were deployed during updates rolled out on May 24 and 25, specifically in versions 2026.1 Patch 9 and 2026.2 Patch 1.
Additional updates were later issued to resolve a separate logging issue affecting IP address tracking. However, this secondary bug is unrelated to the core vulnerability.
At the time of disclosure, Ivanti stated that there is no evidence of active exploitation in the wild. However, given the ease of exploitation and the potential impact, the company issued an out-of-band security advisory to accelerate remediation efforts.
Ivanti also noted that there are currently no publicly available indicators of compromise associated with this vulnerability.
As a precaution, organizations are encouraged to audit role-based access controls and verify that administrative privileges are restricted to intended users. Misconfigured roles could increase exposure and make exploitation easier.
Security teams should prioritize patching and conduct internal reviews of access permissions within their ITSM deployments. Given the critical role these platforms play in enterprise operations, timely remediation is essential to prevent potential abuse by threat actors.
Free Webinar on OWASP API Top 10 and Guide to Close Visibility Gaps With WAAP
Tags
cyber security
cyber security news
Copy URL
Linkedin
Twitter
ReddIt
Telegram
Abinayahttps://cybersecuritynews.com/
Abi is a Security Editor and fellow reporter with Cyber Security News. She is covering various cyber security incidents happening in the Cyber Space.
Trending News
Critical Magento Cache Plugin Vulnerability Enables Remote Code Execution Attacks
Critical OpenVPN Connect for macOS Vulnerability Let Attackers Execute Arbitrary Commands
Hackers Use Meta’s AI Bot to Reset Passwords and Hijack Instagram Accounts
Claude Code’s GitHub Actions Vulnerability Lets Attackers Compromise Any Repository
AI-Generated npm Malware Accidentally Exposes Threat Actor’s Private GitHub Token
Latest News
Cyber Security News
Hackers Use YouTube and SEO Poisoning to Spread WeedHack Minecraft Malware
Cyber Security News
Microsoft 365 Android Apps Account Takeover Vulnerability Impacted Billions of Android Users
Cyber Security News
Windows Search URI Handler Flaw Leaks NTLMv2 Hashes to Attacker-Controlled Servers
Cyber Security
HTTP/2 Bomb — Remote DoS Exploit Hits nginx, Apache, IIS, Envoy, and Cloudflare Pingora
Cyber Security
1-Click GitHub Token Vulnerability Lets Attackers Steal Users’ OAuth Tokens