Skip to main content

Public advisory of scammers impersonating CSA and the SPF

Stay vigilant. Read the public advisory

Cyber Security Agency of Singapore
  1. Home
  2. Alerts & Advisories
  3. Alerts
  4. Active Exploitation of Critical Vulnerability in Ivanti Products
Alerts

Active Exploitation of Critical Vulnerability in Ivanti Products

19 January 2024

There are reports of active exploitation of a critical authentication bypass vulnerability (CVE-2023-35082) in Ivanti's Endpoint Manager Mobile (EPMM) and MobileIron Core device management software. The vulnerability has a Common Vulnerability Scoring System (CVSS) score of 10 out of 10.

Successful exploitation of the authentication bypass vulnerability could allow an unauthorised attacker to gain backdoor access to compromised servers and retrieve sensitive information of users. 

The vulnerability affects the following product versions:

• EPMM versions 11.10, 11.9, 11.8

• MobileIron Core versions 11.7 and below

Users and administrators of affected products are advised to update to the latest product versions immediately.

More information is available here:

https://forums.ivanti.com/s/article/CVE-2023-35082-Remote-Unauthenticated-API-Access-Vulnerability-in-MobileIron-Core-11-2-and-older?language=en_US

https://nvd.nist.gov/vuln/detail/CVE-2023-35082

https://www.bleepingcomputer.com/news/security/cisa-critical-ivanti-auth-bypass-bug-now-actively-exploited/