Ivanti Sentry zero-day vulnerability fixed, patch ASAP! (CVE-2023-38035)

Ivanti is urging administrators of Ivanti Sentry (formerly MobileIron Sentry) gateways to patch a newly discovered vulnerability (CVE-2023-38035) that could be exploited to change configuration, run system commands, or write files onto the vulnerable system. “As of now, we are only aware of a limited number of customers impacted by CVE-2023-38035,” the company said in the advisory, but still has to clarify whether that means detected exploitation attempts or simply vulnerable installations reachable via internet. … More →

The post …

0 day administrators aware change configuration customers cve enterprise exploited files gateway ivanti mnemonic mobileiron patch run security update sentry system vulnerability vulnerable zero-day zero-day vulnerability