{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Endpoint Manager Mobile versions 12.5.0.x sans le script correctif RPM_12.x.0.x","product":{"name":"Endpoint Manager Mobile (EPMM)","vendor":{"name":"Ivanti","scada":false}}},{"description":"Endpoint Manager Mobile versions 12.5.1.x sans le script correctif RPM_12.x.1.x","product":{"name":"Endpoint Manager Mobile (EPMM)","vendor":{"name":"Ivanti","scada":false}}},{"description":"Endpoint Manager Mobile versions 12.7.0.x sans le script correctif RPM_12.x.0.x","product":{"name":"Endpoint Manager Mobile (EPMM)","vendor":{"name":"Ivanti","scada":false}}},{"description":"Endpoint Manager Mobile versions 12.6.1.x sans le script correctif RPM_12.x.1.x","product":{"name":"Endpoint Manager Mobile (EPMM)","vendor":{"name":"Ivanti","scada":false}}},{"description":"Endpoint Manager Mobile versions 12.6.0.x sans le script correctif RPM_12.x.0.x","product":{"name":"Endpoint Manager Mobile (EPMM)","vendor":{"name":"Ivanti","scada":false}}}],"affected_systems_content":"","content":"## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des correctifs (cf. section Documentation).","cves":[{"name":"CVE-2026-1340","url":"https://www.cve.org/CVERecord?id=CVE-2026-1340"},{"name":"CVE-2026-1281","url":"https://www.cve.org/CVERecord?id=CVE-2026-1281"}],"links":[],"reference":"CERTFR-2026-AVI-0110","revisions":[{"description":"Version initiale","revision_date":"2026-01-30T00:00:00.000000"}],"risks":[{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Ivanti Endpoint Manager Mobile (EPMM). Elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance.<br/>\n\nIvanti indique que les vuln\u00e9rabilit\u00e9s CVE-2026-1281 et CVE-2026-1340 sont activement exploit\u00e9es dans le cadre d'attaques cibl\u00e9es.","title":"Multiples vuln\u00e9rabilit\u00e9s Ivanti Endpoint Manager Mobile (EPMM)","vendor_advisories":[{"published_at":"2026-01-29","title":"Guide d'analyse Ivanti Endpoint Manager Mobile du 29 janvier 2026","url":"https://forums.ivanti.com/s/article/Analysis-Guidance-Ivanti-Endpoint-Manager-Mobile-EPMM-CVE-2026-1281-CVE-2026-1340"},{"published_at":"2026-01-29","title":"Bulletin de s\u00e9curit\u00e9 Ivanti Security-Advisory-Ivanti-Endpoint-Manager-Mobile-EPMM-CVE-2026-1281-CVE-2026-1340","url":"https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Endpoint-Manager-Mobile-EPMM-CVE-2026-1281-CVE-2026-1340"},{"published_at":"2026-01-29","title":"Bulletin de s\u00e9curit\u00e9 Ivanti january-2026-epmm-security-update","url":"https://www.ivanti.com/blog/january-2026-epmm-security-update"}]}