Admins who use Ivanti’s MobileIron to manage mobile devices in their company should upgrade to its successor, Endpoint Manager Mobile (EPMM), for security reasons. A “critical” vulnerability puts MobileIron at risk. Because support has expired, there is no security update.
In a warning, the developers write that the vulnerability (CVE-2023-35082) threatens MobileIron Core up to and including version 11.2. Attackers are said to be able to exploit the flaw over the Internet without authentication. After a successful attack, personal data can leak and limited changes to the server are possible.
Security researchers from Rapid7 found the vulnerability. In an article, they state that the vulnerability affects the API endpoint of management servers that can be reached via the Internet. According to them, attackers can combine the vulnerability with another vulnerability (CVE-2023-35081) to infiltrate servers with a web shell.
Ivanti states that the security issue was “accidentally” resolved as part of the work on MobileIron Core 11.3 in the context of a product bug. Previously, the issue was not identified as a security vulnerability.
In attackers' sights
Recently, two vulnerabilities (CVE-2023-35081 “high”, CVE-2023-35078 “critical”) in EPMM made headlines. Attackers are exploiting the vulnerabilities and attacking Norwegian ministries, for example. Admins should therefore make sure that one of the secured editions 126.96.36.199, 188.8.131.52 or 184.108.40.206 is installed. Support for versions prior to 220.127.116.11 has ended. An upgrade can help here.