Active Exploitation of Zero-Day Vulnerability in Ivanti Endpoint Manager Mobile (EPMM)

Ivanti has released patches to address a critical vulnerability (CVE-2023-35078) affecting their Endpoint Manager Mobile products. The vulnerability has a common vulnerability scoring system (CVSSv3) score of 10 out of 10 and is reportedly being actively exploited.

Successful exploitation of the remote unauthenticated API access vulnerability could allow an unauthorised, remote attacker to potentially access users’ personally identifiable information and make limited changes to the affected server.

The vulnerability affects Ivanti EPMM versions 11.10, 11.9 and 11.8. Older versions of Ivanti EPMM prior to 11.8 that have reached end-of-life (EOL) are also affected by the aforementioned vulnerability.

Users and administrators of affected products are advised to upgrade to the latest versions immediately.

More information is available here:

https://forums.ivanti.com/s/article/KB-Remote-unauthenticated-API-access-vulnerability-CVE-2023-35078

https://forums.ivanti.com/s/article/CVE-2023-35078-Remote-unauthenticated-API-access-vulnerability?language=en_US

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35078