Ivanti says recently disclosed auth bypass flaw affects all versions of EPMM tool

 


Software company Ivanti has updated its security advisory to say that the recently disclosed remote authentication bypass vulnerability in its EPMM (formerly MobileIron Core) product affects all versions of the tool.

Tracked as CVE-2023-35082, the bug is a remote unauthenticated API access vulnerability that, if exploited, allows an attacker to bypass the authentication process and gain unauthorized access to the application. The bug was linked to CVE-2023-35078, the flaw exploited in attacks on the Norwegian government.

Initially, Ivanti said that the flaw affected MobileIron Core 11.2 and older and that it “was incidentally resolved in MobileIron Core 11.3 as part of work on a product bug.”

“Since originally reporting CVE-2023-35082 on 2 August 2023 at 10:00 MDT, Ivanti has continued its investigation and has found that this vulnerability impacts all versions of Ivanti Endpoint Manager Mobile (EPMM) 11.10, 11.9 and 11.8 and MobileIron Core 11.7 and below. The risk of exploitation depends on the individual customer’s configurations,” the company said in its updated advisory.

Ivanti has released an RPM Fix for versions 11.10 to 11.3. Customers on older versions should first upgrade to 11.10 and then apply the RPM fix.
