Ivanti Releases Security Updates for EPMM to address CVE-2023-35081

Ivanti has identified and released patches for a directory traversal vulnerability (CVE-2023-35081, CWE-22) in Ivanti Endpoint Manager Mobile (EPMM). This vulnerability allows an authenticated attacker to write arbitrary files with the operating system privileges of the EPMM web application server. The attacker could then execute the uploaded file, for example, a web shell. To bypass authentication, the attacker could exploit CVE-2023-35078 on an unpatched system. 

Ivanti reports active exploitation of both CVE-2023-35081 and CVE-2023-35078.  

This vulnerability affects supported EPMM versions 11.10, 11.9, and 11.8. Older, unsupported versions are also affected.  

CISA urges users and organizations to patch both CVE-2023-35081 and CVE-2023-35078. Patches for CVE-2023-35081 also include patches for CVE-2023-35078 (refer to our prior alert).
