Ivanti fixes second zero-day exploited by attackers (CVE-2023-35081)

Another actively exploited zero-day vulnerability (CVE-2023-35081) affecting Ivanti Endpoint Manager Mobile (EPMM) has been identified and fixed. The first zero-day spotted Last week, we reported on a remote unauthenticated API access vulnerability (CVE-2023-35078) affecting Ivanti EPMM having been exploited to target Norwegian ministries. The company stated that the vulnerability has impacted a limited number of customers and has released a patch, but did not share any other details or indicators of compromise with the public. … More →

The post …

0 day access actively exploited api attackers cve cve-2023-35078 cve-2023-35081 don't miss endpoint endpoint management enterprise epmm exploited fixes hot stuff ivanti ivanti epmm manager mnemonic mobile mobileiron norwegian ministries security update target the company vulnerability week zero-day zero-day vulnerability