CVE-2023-35082 MobileIron Core Unauthenticated API Access | Rapid7 Blog

Rapid7 discovered a new vulnerability that allows unauthenticated attackers to access the API in unsupported versions of MobileIron Core (11.2 and below).

Rapid7

🤷 Ivanti MobileIron Core strikes back:
CVE-2023-35081 - Remote Arbitrary File Write (RCE)

We are seeing 3 new versions being deployed:
11.10.0.3, 11.9.1.2 and 11.8.1.2

It seems that current exploitation is chained together with CVE-2023-35078, so the scope should be authenticated IF previously patched.

Sources:
- https://www.mnemonic.io/resources/blog/threat-advisory-remote-file-write-vulnerability-in-ivanti-epmm/
- https://forums.ivanti.com/s/article/KB-Arbitrary-File-Write-CVE-2023-35081?language=en_US
Thanks:
- @_SteveG_

Threat Advisory: Remote File Write Vulnerability in Ivanti EPMM (CVE-2023-35081)

mnemonic researchers have discovered a new zero day vulnerability in Ivanti Endpoint Manager Mobile (EPMM), formerly known as MobileIron Core. This is different from the Authentication Bypass vulnerability CVE-2023-35078 disclosed earlier this week.

Mnemonic