overview

A critical vulnerability with a CVSS score of 10 was discovered in outdated versions of Ivanti's MobileIron Core, now known as Ivanti Endpoint Manager Mobile (EPMM). The vulnerability is being tracked as CVE-2023-35082 and is a remote unauthenticated API access vulnerability. This flaw could potentially give an attacker access to users' personally identifiable information and enable them to make unauthorized modifications within the server.  

According to Ivanti, CVE-2023-35082 was unintentionally fixed in MobileIron Core 11.3 during the process of addressing a product bug. Prior to this, it had not been identified as a vulnerability. Rapid7 found that CVE-2023-35082 comes from the same issue as CVE-2023-35078. It's related to certain entries in the mifs web application's security filter chain being too permissive. Because of this, the new vulnerability acts as a way to bypass the patch for CVE-2023-35078 in versions 11.2 and below of the product. Additionally, if there is another vulnerability in the API, an attacker can chain the vulnerabilities together.  

As of March 15, 2022, MobileIron Core 11.2 is no longer supported, and Ivanti will not provide a patch or any fixes for this vulnerability in version 11.2 or older. Ivanti is actively assisting their customers in upgrading to the latest version of Ivanti Endpoint Manager Mobile (EPMM) or migrating to the cloud version of the product, Ivanti Neurons for MDM. 

 

 

avertium's recommendationS

Ivanti's Support team is readily available to assist customers with upgrades. To log cases, customers can use the Success portal (login credentials required). 

 

 

INDICATORS OF COMPROMISE (IoCs)

At this time, there are no known IoCs associated with CVE-2023-35082. Avertium remains vigilant in locating IoCs for our customers. Should any be located, Avertium will disclose them as soon as possible. For more information on how Avertium can help protect your organization, please reach out to your Avertium Service Delivery Manager or Account Executive. 


 

 

How Avertium is Protecting Our CUSTOMERS

  • Avertium simplifies Governance, Risk, and Compliance (GRC) by providing contextual understanding instead of unnecessary complexity. With our cross-data, cross-industry, and cross-functional expertise, we enable you to meet regulatory requirements and demonstrate a robust security posture without any vulnerabilities. Our GRC services include:  
    • Cyber Maturity  
    • Compliance Assessments and Consulting 
    • Managed GRC 
  • Fusion MXDR is the first MDR offering that fuse together all aspects of security operations into a living, breathing, threat-resistant XDR solution. By fusing insights from threat intelligence, security assessments, and vulnerability management into our MDR approach, Fusion MXDR offers a more informed, robust, and cost-effective approach to cybersecurity – one that is greater than the sum of its parts. 








SUPPORTING DOCUMENTATION

CVE-2023-35082 – Remote Unauthenticated API Access Vulnerability in MobileIron Core 11.2 and older (ivanti.com) 

CVE-2023-35082 - MobileIron Core Unauthenticated API Access Vulnerability | Rapid7 Blog 

Vulnerability affecting MobileIron Core 11.2 and older | Ivanti 
Chat With One of Our Experts



endpoint protection Flash Notice Critical Vulnerability Ivanti Blog