Two Enterprise Products Added to US Exploited Vulnerabilities List This Week — Ivanti MDM and AI Gateway

What Happened

The US Cybersecurity and Infrastructure Security Agency confirmed active exploitation of two enterprise products this week and added them to its Known Exploited Vulnerabilities catalogue, triggering mandatory remediation requirements for US government agencies and strong advisory guidance for the private sector.

Ivanti Endpoint Manager Mobile (EPMM): EPMM is a mobile device management platform used by organisations to control, configure, and secure employee smartphones and tablets. CVE-2026-6973 allows an attacker with administrator-level access to the management console to execute commands on the underlying server. EPMM has been repeatedly targeted by nation-state actors — the Norwegian government was attacked via a previous EPMM vulnerability in 2023, and the platform has featured in four separate exploitation campaigns since then.

LiteLLM: LiteLLM is an open-source AI gateway proxy used by enterprises to route requests to multiple AI providers (OpenAI, Anthropic, Azure OpenAI, and others) through a single unified interface. CVE-2026-42208 is a SQL injection vulnerability that allows an attacker to read and modify LiteLLM’s database, including the API keys it holds for connected AI providers. This is the first AI infrastructure component to be confirmed exploited and added to the KEV catalogue.

Business Impact

Ivanti EPMM: A compromised EPMM server provides access to the configuration and management of all mobile devices enrolled under that server — typically an organisation’s entire managed mobile device fleet. Post-compromise capabilities include remote access to device management functions, access to the certificates and profiles deployed to those devices, and the enrolled device inventory.

LiteLLM: Exploitation allows theft of the API keys the LiteLLM instance holds for connected AI providers. API keys for OpenAI, Anthropic, Azure OpenAI, and similar services are equivalent to prepaid credits — stolen keys can be used to consume the victim’s AI budget and access the victim’s AI deployments. More seriously, LiteLLM’s request logs may contain AI prompt history including sensitive business context submitted to LLM providers.

Regulatory Implications

US Federal Civilian Executive Branch agencies must remediate both CVEs by CISA’s mandated deadline (typically 21 days for KEV additions). Organisations subject to NIS2 should treat KEV-listed vulnerabilities in production systems as requiring prompt remediation — KEV additions represent CISA’s confirmation of active exploitation, which NIS2 treats as a material risk factor.

Board-Ready Summary

• US authorities have confirmed that hackers are actively exploiting both Ivanti’s mobile device management software and the AI gateway software LiteLLM — two products likely in use across your enterprise.
• The Ivanti issue risks the integrity of your mobile device management programme. The LiteLLM issue risks theft of AI provider access credentials and exposure of sensitive AI query history.
• Both products require patching this week.

Recommended Actions

For Ivanti EPMM:

1. Apply the EPMM patch, upgrading to versions 12.6.1.1, 12.7.0.1, or 12.8.0.1 (depending on your release branch).
2. Enforce multi-factor authentication on the EPMM administrative console.
3. Restrict EPMM administrator access to management network IP ranges; it should not be internet-accessible.
4. Review EPMM audit logs for unexpected administrator activity in the prior 30 days.

For LiteLLM:

1. Update LiteLLM to version 1.42.2 immediately.
2. Rotate all AI provider API keys stored in or accessible from the LiteLLM instance — treat them as compromised.
3. Review LiteLLM database access logs for anomalous query patterns prior to patching.
4. Restrict LiteLLM management API endpoints to internal IP addresses; they should not be internet-accessible.

For both: If your organisation has not inventoried which AI tooling is deployed in production environments and who holds the associated API keys, this week’s KEV additions are a prompt to conduct that inventory. AI infrastructure has moved from experiment to production faster than security governance has adapted.