September 29, 2023

IT large Ivanti mentioned on Monday that a number of recently-discovered vulnerabilities have an effect on all variations of their Endpoint Supervisor Cellular (EPMM) software.

EPMM, previously MobileIron Core, is a platform that enables organizations to handle cell units like telephones and tablets in addition to implement content material and utility insurance policies.

Two weeks in the past, the federal government of Norway revealed that 12 authorities businesses within the nation had been hacked via a number of zero-days affecting EPMM.

The U.S. Cybersecurity and Infrastructure Safety Company (CISA) and Norway’s authorities printed an advisory concerning the vulnerabilities final week, noting that nation state hackers had been exploiting them since April. However simply two days after that advisory, Ivanti introduced a 3rd situation: CVE-2023-35082.

The vulnerability “allows an unauthorized, distant (internet-facing) actor to doubtlessly entry customers’ personally identifiable data and make restricted adjustments to the server,” they defined, noting it has a CVSS rating of 10 — the best degree of severity for a vulnerability.

Ivanti initially mentioned the bug solely affected MobileIron Core 11.2 and earlier. However in an up to date advisory on Monday, the corporate mentioned the vulnerability impacts all variations.

“Since initially reporting CVE-2023-35082… Ivanti has continued its investigation and has discovered that this vulnerability impacts all variations of Ivanti Endpoint Supervisor Cellular 11.10, 11.9 and 11.8 and MobileIron Core 11.7 and beneath,” the corporate mentioned.

“The danger of exploitation will depend on the person buyer’s configurations. This vulnerability solely impacts EPMM / MobileIron Core. No different Ivanti merchandise are affected. Ivanti has an RPM Repair for variations 11.10 to 11.3 accessible now. Prospects on older variations ought to first improve to 11.10 after which apply the RPM repair.”

The bug was found by Stephen Fewer, principal safety researcher at safety agency Rapid7, whereas inspecting CVE-2023-35078, the primary situation discovered affecting Ivanti’s EPMM product.

MobileIron was initially its personal firm earlier than being purchased by Ivanti in 2020 and rebranded as EPMM

In keeping with searches on the safety web site Shodan, 1000’s of organizations are nonetheless uncovered to the Ivanti vulnerabilities, lots of that are situated within the U.S. CISA added the primary two bugs to its catalog of Recognized Exploited Vulnerabilities, giving federal civilian businesses till August 21 to patch it.

Get extra insights with the

Recorded Future

Intelligence Cloud.

Be taught extra.

Jonathan Greig

Jonathan Greig is a Breaking Information Reporter at Recorded Future Information. Jonathan has labored throughout the globe as a journalist since 2014. Earlier than shifting again to New York Metropolis, he labored for information shops in South Africa, Jordan and Cambodia. He beforehand coated cybersecurity at ZDNet and TechRepublic.