轉發 台灣電腦網路危機處理暨協調中心 資安訊息警訊 TWCERTCC-200-202606-00000003

[內容說明]
ITSM是Ivanti旗下一款可靠且強大IT服務管理的解決方案，可協助組織提升服務效率，確保IT營運合規及安全。近日針對 Ivanti Neurons for ITSM發布重大資安公告(CVE-2026-9614，CVSS：8.8)，此漏洞可允許經身分驗證的遠端攻擊者取得系統管理存取權限。

[影響平台]
Ivanti Neurons for ITSM (On-Premises) 2025.4(含)之前版本
Ivanti Neurons for ITSM (Cloud) 2026.1(含)之前版本

[建議措施]
根據官方網站釋出的解決方式進行修補: https://hub.ivanti.com/s/article/Security-Advisory-Ivanti-Neurons-for-ITSM-CVE-2026-9614?language=en_US

Forwarded from Taiwan Computer Network Crisis Management and Coordination Center: Cybersecurity Alert TWCERTCC-200-202606-00000003

[Content Description]
ITSM is a reliable and powerful IT service management solution from Ivanti, helping organizations improve service efficiency and ensure IT operational compliance and security. Recently, Ivanti Neurons for ITSM issued a major cybersecurity advisory (CVE-2026-9614, CVSS: 8.8). This vulnerability could allow an authenticated remote attacker to gain system administrative access.

[Affected Platforms]
Ivanti Neurons for ITSM (On-Premises) versions 2025.4 and earlier
Ivanti Neurons for ITSM (Cloud) versions 2026.1 and earlier

[Recommended Actions]
Patch according to the solutions released on the official website: https://hub.ivanti.com/s/article/Security-Advisory-Ivanti-Neurons-for-ITSM-CVE-2026-9614?language=en_US