Tag: U.S. Cybersecurity

U.S. Cybersecurity Agency Warns of Actively Exploited Ivanti EPMM Vulnerability
News

U.S. Cybersecurity Agency Warns of Actively Exploited Ivanti EPMM Vulnerability

A serious issue that has been fixed and affects Ivanti Endpoint Manager Mobile (EPMM) and MobileIron Core was added by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to its list of known exploited vulnerabilities (KEV) on Thursday. The agency stated that the flaw is being actively exploited in the field. Concerning CVE-2023-35082 (CVSS score: 9.8), this vulnerability is an authentication bypass that is a workaround for another vulnerability in the same solution that is being tracked as CVE-2023-35078 (CVSS score: 10.0). "If exploited, this vulnerability enables an unauthorized, remote (internet-facing) actor to potentially access users' personally identifiable information and make limited changes to the server read more U.S. Cybersecurity Agency Warns of Actively E...