Scroll Top

Vulnerability addressed in Ivanti Endpoint Manager Mobile (EPMM) – NCSC rates risk as high

rtaImage

Ivanti, the developer of Endpoint Manager Mobile (EPMM), formerly known as MobileIron Core, has recently discovered and promptly addressed an actively exploited vulnerability. The vulnerability allowed unauthorized individuals to gain access to sensitive data or potentially take control of the EPMM system remotely.

The Dutch National Cyber Security Centre (NCSC) has classified the risk level as High for both the likelihood of exploitation and the potential impact of a successful attack. The vulnerability was assigned CVE-2023-35078.

Although the exact details of the vulnerability have not been fully disclosed at the time of writing, the NCSC warns that the risk of exploitation may escalate as more information becomes publicly available. It is advised that organizations promptly install the security updates provided by Ivanti to safeguard their systems.

Vulnerability Scope:

Platforms: Ivanti Endpoint Manager Mobile (EPMM, formerly MobileIron Core)

Solutions:

Ivanti has released updates to fix the vulnerability, and the NCSC strongly recommends that organizations install the provided security updates without delay. For more information, refer to the following links:

NCSC Risk Assessment:

The NCSC has evaluated the risk level based on various criteria to gauge the likelihood and potential severity of exploitation. The points are aggregated to determine the overall risk level:

Likelihood of Exploitation:

  • Presence in Standard Configuration/Installation: Unclear/Yes (Score: 3)
  • Availability of Exploit Code: No (yet) (Score: 1)
  • Observed Practical Use: Limited (Score: 2)
  • Technical Details Available: Limited (Score: 2)
  • Required Access: Internet (Score: 6)
  • Necessary Credentials: None (Score: 4)
  • Exploitation Difficulty: Easy (Score: 3)
  • User Interaction Required: No actions needed (Score: 4)
  • Expected Misuse or Exploit: Yes, in the near future (Score: 3)
  • Availability of Solution: Less than two months (Score: 2)

Potential Impact of Successful Attack:

  • Denial of Service: No (Score: 0)
  • Execution of Arbitrary Code: Yes, Root/Administrator privileges (Score: 3)
  • Remote Rights (Remote [Root-] Shell): No (Score: 0)
  • Local Admin/Root Privileges (Privilege Escalation): No (Score: 0)
  • Leakage of (Sensitive) Information: Yes, User Data (Score: 3)

In summary, the vulnerability in Ivanti Endpoint Manager Mobile requires immediate attention to prevent potential unauthorized access to sensitive data and system compromise. Organizations are urged to act swiftly and implement the provided security updates to mitigate the risk of exploitation.

Related Posts

Leave a comment

You must be logged in to post a comment.
Privacy Preferences
When you visit our website, it may store information through your browser from specific services, usually in form of cookies. Here you can change your privacy preferences. Please note that blocking some types of cookies may impact your experience on our website and the services we offer.