Kevin Beaumont on Nostr: The #MobileIron zero day saga continues. The vendor note to customers says the flaw ...
The #MobileIron zero day saga continues.
The vendor note to customers says the flaw allows the attacker to "make limited changes to the server".
CISA have released a statement saying "An attacker can also make other configuration changes, including creating an EPMM administrative account that can make further changes to a vulnerable system"
#threatintel
https://www.cisa.gov/news-events/alerts/2023/07/24/ivanti-releases-security-updates-endpoint-manager-mobile-epmm-cve-2023-35078
The vendor note to customers says the flaw allows the attacker to "make limited changes to the server".
CISA have released a statement saying "An attacker can also make other configuration changes, including creating an EPMM administrative account that can make further changes to a vulnerable system"
#threatintel
https://www.cisa.gov/news-events/alerts/2023/07/24/ivanti-releases-security-updates-endpoint-manager-mobile-epmm-cve-2023-35078