all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

CVE-2023-35078: Ivanti Endpoint Manager Mobile (EPMM) / MobileIron Core Unauthenticated API Access Vulnerability

Add to bookmarks
July 25, 2023, 2:08 p.m. | Satnam Narang

Cyber Exposure Alerts www.tenable.com

Critical vulnerability in a popular mobile device management solution from Ivanti has been exploited in the wild in limited attacks


Background


On July 24, a post from Heise Online (English translation) detailed a recently patched zero-day vulnerability in Ivanti Endpoint Manager Mobile (EPMM), a mobile management software that can be used for mobile device management (MDM), mobile application management (MAM) and mobile content management (MCM). It was formerly known as MobileIron Core prior to its acquisition by Ivanti …

access api attacks critical critical vulnerability cve device device management endpoint exploited ivanti july management manager mobile mobile device mobile device management mobileiron popular software solution translation vulnerability zero-day zero-day vulnerability

Visit resource

More from www.tenable.com / Cyber Exposure Alerts

CVE-2024-20353, CVE-2024-20359: Frequently Asked Questions About ArcaneDoor 1 week ago | www.tenable.com
adaptive security arcanedoor blog called +15
CVE-2024-4040: CrushFTP Virtual File System (VFS) Sandbox Escape Vulnerability Exploited 1 week, 2 days ago | www.tenable.com
advisory april crushftp customers +23
Oracle April 2024 Critical Patch Update Addresses 239 CVEs 2 weeks, 1 day ago | www.tenable.com
addresses april cpu critical +12
CVE-2024-3400: Zero-Day Vulnerability in Palo Alto Networks PAN-OS GlobalProtect Gateway Exploited in the Wild 2 weeks, 6 days ago | www.tenable.com
alto april attacks command +25
Microsoft’s April 2024 Patch Tuesday Addresses 147 CVEs (CVE-2024-29988) 3 weeks, 2 days ago | www.tenable.com
addresses april critical critical vulnerabilities +13
Frequently Asked Questions About CVE-2024-3094, A Backdoor in XZ Utils 1 month ago | www.tenable.com
CVE-2023-48788: Critical Fortinet FortiClientEMS SQL Injection Vulnerability 1 month, 2 weeks ago | www.tenable.com
address advisory arbitrary code attacker +20
Microsoft’s March 2024 Patch Tuesday Addresses 59 CVEs (CVE-2024-21407) 1 month, 2 weeks ago | www.tenable.com
CVE-2024-27198, CVE-2024-27199: Two Authentication Bypass Vulnerabilities in JetBrains TeamCity 1 month, 3 weeks ago | www.tenable.com

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote
View on infosec-jobs.com

Information Security Specialist, Sr. (Container Hardening)

@ Rackner | San Antonio, TX
View on infosec-jobs.com

Principal Security Researcher (Advanced Threat Prevention)

@ Palo Alto Networks | Santa Clara, CA, United States
View on infosec-jobs.com

EWT Infosec | IAM Technical Security Consultant - Manager

@ KPMG India | Bengaluru, Karnataka, India
View on infosec-jobs.com

Security Engineering Operations Manager

@ Gusto | San Francisco, CA; Denver, CO; Remote
View on infosec-jobs.com

Network Threat Detection Engineer

@ Meta | Denver, CO | Reston, VA | Menlo Park, CA | Washington, DC
View on infosec-jobs.com
View more jobs