DIVD-2023-00031 - Ivanti MobileIron vulnerable for CVE-2023-35078
| Our reference | DIVD-2023-00031 |
| Case lead | Lennaert Oudshoorn |
| Researcher(s) | |
| CVE(s) | |
| Products |
|
| Versions |
|
| Recommendation | Update your system to the latest patched version |
| Patch status | Fully patched |
| Status | Closed |
| Last modified | 26 Sep 2023 10:10 |
Summary
Ivanti has released a security advisory notifying of a critical vulnerability in Ivanti MobileIron. This vulnerability, tracked as CVE-2023-35078 is an remote unauthenticated api access vulnerability that could be used to modify and compromise an MobileIron system. This is a critical vulnerability, and Ivanti urges patching of vulnerable sytems. This vulnerability has been exploited in the wild.
CVE-2023-35078 - Remote Unauthenticated API Access Vulnerability
This vulnerability will allow an unauthenticated attacker to remotely access the api and “if exploited, this vulnerability enables an unauthorized, remote (internet-facing) actor to potentially access users’ personally identifiable information and make limited changes to the server”
What you can do
If your Ivanti MobileIron appliance hasn’t been updated to a secure version, we strongly advise you to patch it.
What we are doing
DIVD has identified vulnerable systems and will notify owners of vulnerable systems. DIVD is also informing trusted information sharing partners for targeted notifications.
Timeline
| Date | Description |
|---|---|
| 25 Jul 2022 | Ivanti releases a security advisory for CVE-2023-35078 |
| 26 Jul 2023 | DIVD starts notifying owners of vulnerable systems |
| 26 Jul 2023 | DIVD is notifying through notification partners |
| 26 Sep 2023 | DIVD decides to close case after monitoring phase. |