Exploiting the MobileIron Zero-Day Bug: Researcher Reveals a Proof-of-Concept

July 29, 2023

A zero-day authentication bypass vulnerability is posing a threat to mobile device management worldwide. A proof-of-concept exploit for the bug has been released, escalating concerns in the cybersecurity field. The flaw, identified as CVE-2023-35078, affects Ivanti’s Endpoint Manager Mobile (EPMM), formerly known as MobileIron Core.

This vulnerability allows unauthorized remote API access, undermining the software's authentication process. Ivanti has responded by releasing security patches for the vulnerability. The company advises upgrading to EPMM versions 11.8.1.1, 11.9.1.1, and 11.10.0.2. These patches also cover unsupported and end-of-life software versions below 11.8.1.0, demonstrating Ivanti's dedication to securing even its out-of-date products.

According to Ivanti's security advisory, only a 'very limited number of customers' have been affected. The company is currently collaborating with partners and customers to further investigate the situation.

Meanwhile, security researcher Vaishno Chaitanya has developed a proof-of-concept (PoC) exploit for CVE-2023-35078. He has also provided a video demonstration of the exploit targeting a vulnerable EPMM instance. This serves as a stark warning of the risks associated with neglecting cybersecurity.

Chaitanya made the PoC exploit for the CVE-2023-35078 vulnerability available on his Github repository. PwnDefend Cyber Security Consultant Daniel Card has warned that a large number of MobileIron user portals are still exposed online. His research on Shodan reveals that over 2,900 such portals are vulnerable, with at least 36 belonging to U.S. local and state government agencies. Most of the exposed servers are located in the United States, followed by Germany, the United Kingdom, and Hong Kong.

The immediate remedy for this cybersecurity issue is to promptly apply the patches provided by Ivanti for EPMM (MobileIron). Network administrators are strongly encouraged to do so. As our world becomes more interconnected, ensuring the security of our digital spaces is increasingly vital.

Related News

Latest News

Like what you see?

Get a digest of headlines, vulnerabilities, risk context, and more delivered to your inbox.

Subscribe Below

By submitting this form, you’re giving us permission to email you. You may unsubscribe at any time.

Accelerate Security Teams

Continuously identify and prioritize the risks that are most critical in your environment, and validate that your remediation efforts are reducing risk. An always-on single source-of-truth of your assets, services, and vulnerabilities.