Main Vulnerability Database Exploits ID:9828 - Exploit for OS Command Injection in Endpoint Manager Mobile (formerly MobileIron Core) - CVE-2024-22026

ID:9828 - Exploit for OS Command Injection in Endpoint Manager Mobile (formerly MobileIron Core) - CVE-2024-22026

Published: May 23, 2024

Vulnerability identifier: #VU89767

Vulnerability risk: Low

CVE-ID: CVE-2024-22026

CWE-ID: CWE-78

Exploitation vector: Local access

Vulnerable software:
Endpoint Manager Mobile (formerly MobileIron Core)

Link to public exploit:

https://github.com/securekomodo/CVE-2024-22026

Vulnerability description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to improper input validation. A local user can bypass shell restriction and execute arbitrary commands on the appliance.

Remediation

Install updates from vendor's website.

ID:9828 - Exploit for OS Command Injection in Endpoint Manager Mobile (formerly MobileIron Core) - CVE-2024-22026

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human