25 July 2023
Ivanti confirmed a vulnerability in its Endpoint Manager Mobile (EPMM). Ivanti has released security updates for the affected versions.
CVE-2023-35078 (CVSS 3.1: 10) is an authentication bypass vulnerability that allows unauthorized users to access the functionality or content of the application without any form of authentication.
Affected Products
-
Ivanti Endpoint Manager Mobile (EPMM) version 11.4 release 11.10 and earlier
Security Updates
Ivantie confirmed that exploits of CVE-2023-35078 have been observed and that all devices should be updated as soon as possible.
-
Ivanti Endpoint Manager Mobile (EPMM) version 11.4 release 11.10 and later releases
More information from Ivanti, link