On 2 August 2023 at 10:00 MDT, Ivanti reported CVE-2023-35082. This vulnerability, which was originally discovered in MobileIron Core had not been previously identified as a vulnerability and was believed to 1) only affect version 11.2 and prior; and 2) that it had been resolved incidentally in MobileIron Core 11.3 as part of work on a product bug.    

Ivanti has continued its investigation and has found additional paths to exploiting CVE-2023-35082 depending on configuration of the Ivanti Endpoint Manager Mobile (EPMM) appliance. This impacts all versions of EPMM 11.10, 11.9 and 11.8 and MobileIron Core 11.7 and below.  

This vulnerability only impacts EPMM / MobileIron Core. No other Ivanti products are affected. 

If exploited, this vulnerability enables an unauthorized, remote (internet-facing) actor to potentially access users’ personally identifiable information and make limited changes to the server.  

Ivanti has an RPM script available now. We recommend customers first upgrade to a supported version and then apply the RPM script. 

More detailed information is available in this Security Advisory. This is an ongoing investigation. We will update this Security Advisory as the situation evolves and new information becomes available. 

Our Support team is always available to help customers to upgrade. Cases can be logged via the Success portal (login credentials required). 

Ivanti would like to thank Stephen Fewer from Rapid7 for his assistance in identifying the vulnerability in MobileIron Core 10.2 and partnership on coordinated disclosure on 2 August 2023. 

Want to stay up to date on Ivanti Security Advisories? Click the RSS symbol at the top of this page and then paste https://www.ivanti.com/blog/topics/security-advisory/rss into your preferred RSS reader / RSS functionality in your email program.