Main Vulnerability Database Exploits ID:4618 - Exploit for Code Injection in Ivanti products - CVE-2020-15505

ID:4618 - Exploit for Code Injection in Ivanti products - CVE-2020-15505

Published: September 16, 2020

Vulnerability identifier: #VU46745

Vulnerability risk: High

CVE-ID: CVE-2020-15505

CWE-ID: CWE-94

Exploitation vector: Remote access

Vulnerable software:
Enterprise Connector
Reporting Database (RDB)
Endpoint Manager Mobile (formerly MobileIron Core)
MobileIron Sentry
MobileIron Cloud

Link to public exploit:

https://github.com/swiper/CVE-2020-15505

Vulnerability description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to improper input validation. A remote attacker can execute arbitrary code on the target system via unspecified vectors.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Remediation

Install updates from vendor's website.

ID:4618 - Exploit for Code Injection in Ivanti products - CVE-2020-15505

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human