Improper Certificate Validation in Endpoint Manager Mobile (formerly MobileIron Core) - CVE-2026-7821

 

Published: May 7, 2026


Vulnerability identifier: #VU130639
CSH Severity: Medium
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2026-7821
CWE-ID: CWE-295
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vulnerable software: Endpoint Manager Mobile (formerly MobileIron Core)
Software vendor: Ivanti

Description

The vulnerability allows a remote attacker to enroll a device belonging to a restricted set of unenrolled devices, disclose information about the EPMM appliance, and affect the integrity of the newly enrolled device identity.

The vulnerability exists due to improper certificate validation in Ivanti Endpoint Manager Mobile (EPMM) when processing device enrollment. A remote attacker can submit crafted enrollment material to enroll a device belonging to a restricted set of unenrolled devices, disclose information about the EPMM appliance, and affect the integrity of the newly enrolled device identity.

Only deployments configured to use Apple Device Enrollment are at risk.


Remediation

Install the security update from the vendor's website.
