First published: Tue Jul 25 2023(Updated: )
Ivanti Endpoint Manager Mobile (EPMM), formerly MobileIron Core, through 11.10 allows remote attackers to obtain PII, add an administrative account, and change the configuration because of an authentication bypass, as exploited in the wild in July 2023. A patch is available.
Credit: support@hackerone.com support@hackerone.com support@hackerone.com
Affected Software | Affected Version | How to fix |
---|---|---|
Ivanti Endpoint Manager Mobile | <=11.10 | |
Ivanti Endpoint Manager Mobile | =11.10 | |
Ivanti Endpoint Manager Mobile | =11.9 | |
Ivanti Endpoint Manager Mobile | =11.8 | |
MobileIron Core | =11.7 and below | |
Ivanti Endpoint Manager Mobile (EPMM) | ||
Ivanti Endpoint Manager Mobile | <11.8.1.1 | |
Ivanti Endpoint Manager Mobile | >=11.9.0<11.9.1.1 | |
Ivanti Endpoint Manager Mobile | >=11.10<11.10.0.2 |
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Found alongside the following vulnerabilities)
The vulnerability ID is CVE-2023-35078.
The title of the vulnerability is Ivanti Endpoint Manager Mobile Authentication Bypass Vulnerability.
The severity of CVE-2023-35078 is critical.
Ivanti Endpoint Manager Mobile (EPMM) versions up to and including 11.10 are affected by CVE-2023-35078.
An attacker can exploit CVE-2023-35078 by bypassing authentication and gaining unauthenticated access to specific API paths, allowing them to access personally identifiable information (PII).
Yes, Ivanti has released security updates for Endpoint Manager Mobile (EPMM) to address CVE-2023-35078.