Ivanti, a large IT software company, has uncovered a new vulnerability in its software for managing mobile devices. The vulnerability is tracked as CVE-2023-35081. It is different from the previously reported CVE-2023-35078, which was used in hacking a dozen state agencies in Norway last week.
According to the company’s official statement, the vulnerability was found in Ivanti Endpoint Manager Mobile (EPMM), also known as MobileIron Core. It affects all supported versions, including releases 11.10, 11.9, and 11.8, as well as earlier versions. The company highlights that this vulnerability is different from CVE-2023-35078, which was published on July 23.
The United States Cybersecurity and Infrastructure Security Agency (CISA) has also issued its own warning, urging Ivanti customers to immediately install the latest patches because attackers are actively exploiting both vulnerabilities. Previously, CISA added CVE-2023-35078 to its catalog of known exploited vulnerabilities after confirming its use in attacks on several state agencies in Norway.
“This vulnerability was unique and was first discovered in Norway. Premature disclosure of information about it could contribute to abuse in other countries,” said Sophie Nyustom, Director of the Norway Safety Agency.
EPMM is widely used by governments in many countries, including the United States. According to a search on the Shodan platform, potentially vulnerable government installations exist in both the USA and Europe.