Ivanti Neurons for ITSMのバージョン2025.4未満において、複数の脆弱性

Subject: [Action Required] Multiple Vulnerabilities in Ivanti Neurons for ITSM

Dear IT Administrator,

We are sharing critical security information regarding Ivanti Neurons for ITSM.

■ Overview
Multiple vulnerabilities (CVE-2026-4913, CVE-2026-4914) have been identified in Ivanti Neurons for ITSM. These flaws could allow an attacker to bypass security policies and perform indirect remote code injection (XSS), potentially leading to unauthorized access or execution of malicious scripts.

■ Affected Systems
- Ivanti Neurons for ITSM versions prior to 2025.4

■ Remediation Steps
1. Verify the current version of your Ivanti Neurons for ITSM installation.
2. If the version is older than 2025.4, promptly apply the latest security patches provided by the vendor to upgrade to version 2025.4 or later.

■ Reference Information
- Ivanti Security Advisory (april-2026-security-update)
- CERT-FR (CERTFR-2026-AVI-0439)

Priority: High (Prompt remediation is recommended)