Remote Unauthenticated API Access Vulnerability in Ivanti Endpoint Manager Mobile
Critical vulnerability could allow attackers to access user data or to make limited changes to servers
Summary
Critical vulnerability could allow attackers to access user data or to make limited changes to servers
Affected platforms
The following platforms are known to be affected:
Threat details
Active exploitation of CVE-2023-35078
Ivanti have confirmed exploitation of CVE-2023-35078 in the wild affecting “a very limited number of customers”. The Norwegian National Security Authority (NSM) have confirmed exploitation of CVE-2023-35078 used to breach a government-operated software platform.
Introduction
Ivanti has released a security advisory disclosing a critical vulnerability in Ivanti Endpoint Manager Mobile (EPMM), formerly known as MobileIron Core. CVE-2023-35078 is a remote, unauthenticated API access vulnerability with a CVSSv3 score of 10.0.
If exploited, this vulnerability could enable an unauthorised, remote attacker to access users’ personally identifiable information and make limited changes to the server.
Remediation advice
Affected organisations are required to review Ivanti's CVE-2023-35078 - Remote Unauthenticated API Access Vulnerability advisory and apply the necessary updates as soon as possible.
Definitive source of threat updates
Last edited: 25 July 2023 1:43 pm