Researchers Discover Bypass for Recently Patched Critical Ivanti EPMM Vulnerability
Ivanti Endpoint Manager Mobile (EPMM) customers are urged to update to the most recent version of the programme after security researchers found a workaround for a recently resolved actively exploited vulnerability.
The vulnerability, which has been assigned the tracking number CVE-2023-35082 (CVSS score: 10.0), was found by Rapid7 and "allows unauthenticated attackers to access the API in older unsupported versions of MobileIron Core (11.2 and below)."
Ivanti stated in a warning published on August 2, 2023 that if abused, the vulnerability might allow an unauthorised, remote (internet-facing) attacker to possibly access users' personally identifiable information and perform restricted server changes read more Researchers Discover Bypass for Recently Patched Critical Ivanti EPMM Vul...