Ivanti Releases Security Updates for Endpoint Manager Mobile (EPMM) CVE-2023-35078


A vulnerability discovered in Ivanti Endpoint Manager Mobile (EPMM, previously branded MobileIron Core) allows unauthenticated access to specific API paths. An attacker with access to these API paths can access personally identifiable information (PII) such as names, phone numbers, and other mobile device details for users on a vulnerable system. An attacker can also make other configuration changes, including installing software and modifying security profiles on registered devices. 

After further analysis and discussion with Ivanti, this alert has been revised to clarify that an attacker cannot directly create an EPMM administrative account by exploiting CVE-2023-35078.

Ivanti reports that they have received information from a credible source indicating active exploitation of this vulnerability. 

CISA urges users and organizations to review Ivanti’s Security Advisory and Knowledge Base Article (customer login required) and apply the necessary patches.
