Skip to main content

Public advisory of scammers impersonating CSA and the SPF

Stay vigilant. Read the public advisory

Cyber Security Agency of Singapore
  1. Home
  2. Alerts & Advisories
  3. Alerts
  4. Active Exploitation of MobileIron's Mobile Device Management (MDM)
Alerts

Active Exploitation of MobileIron's Mobile Device Management (MDM)

22 October 2020

The exploit code for three major vulnerabilities in the MobileIron’s MDM solution is now publicly available. There have been reports of active exploitations of these vulnerabilities as well.

The vulnerabilities are:

  • CVE-2020-15505 - A remote code execution vulnerability in MobileIron Core & Connector versions 10.3.0.3 and earlier, 10.4.0.0, 10.4.0.1, 10.4.0.2, 10.4.0.3, 10.5.1.0, 10.5.2.0 and 10.6.0.0; and Sentry versions 9.7.2 and earlier, and 9.8.0; and Monitor and Reporting Database (RDB)version 2.0.0.1 and earlier, that allows remote attackers to execute arbitrary code via unspecified vectors.

  • CVE-2020-15506 - An authentication bypass vulnerability in MobileIron Core & Connector versions 10.3.0.3 and earlier, 10.4.0.0, 10.4.0.1, 10.4.0.2, 10.4.0.3, 10.5.1.0, 10.5.2.0 and 10.6.0.0, that allows remote attackers to bypass authentication mechanisms via unspecified vectors.

  • CVE-2020-15507 - An arbitrary file reading vulnerability in MobileIron Core versions 10.3.0.3 and earlier, 10.4.0.0, 10.4.0.1, 10.4.0.2, 10.4.0.3, 10.5.1.0, 10.5.2.0 and 10.6.0.0, that allows remote attackers to read files on the system via unspecified vectors.

MobileIron has issued a security update in July 2020 to address these vulnerabilities . Administrators are strongly advised to patch your systems to the latest version immediately.

More information is available here:
https://www.zdnet.com/article/mobileiron-enterprise-mdm-servers-under-attack-from-ddos-gangs-nation-states/


Back to top