Ivanti, a major player in mobile management software, has disclosed and patched a second high-severity bug in its Endpoint Manager Mobile (EPMM) software. This follows closely on the heels of a critical zero-day flaw that was patched just days prior. Both vulnerabilities are being actively exploited, and users are urged to apply the patches immediately. The earlier bug, CVE-2023-35078, was exploited in an attack on several Norwegian government ministries. The newly identified bug, CVE-2023-35081, is a path traversal vulnerability that allows an attacker to write arbitrary files onto the appliance.
Ivanti’s EPMM solution is widely used by IT departments globally, including several U.S. government agencies, to set policies for mobile devices, applications, and content. The company has warned that the new vulnerability impacts all versions of EPMM and it is critical for users to take immediate action. The vulnerability can be used in conjunction with CVE-2023-35078, bypassing administrator authentication and ACLs restrictions.
Cybersecurity firm Mnemonic, which assisted in identifying the new vulnerability, has warned that such vulnerabilities pose serious threats to system security and could potentially lead to a broad spectrum of attacks, including data breaches and system takeovers. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has also urged security teams to patch the vulnerabilities, confirming that both are being actively exploited. The patches for CVE-2023-35081 also include patches for CVE-2023-35078.
Source: SC Media
To mitigate potential threats, it is important to implement additional cybersecurity measures with the help of a trusted partner like INFRA www.infrascan.net or you can try your self using check.website.