Multiple Vulnerabilities in Ivanti Endpoint Manager Mobile
Summary
Vulnerabilities could allow an attacker to escalate privileges, modify data, or execute arbitrary commands
Affected platforms
The following platforms are known to be affected:
Threat details
Introduction
Ivanti has disclosed three vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM), formerly known as MobileIron Core, each with a CVSSv3 score of 6.7.
CVE-2024-22026 is a privilege escalation vulnerability in EPMM, which could allow an authenticated local attacker to bypass the shell restriction and execute arbitrary commands on the appliance.
CVE-2023-46806 and CVE-2023-46807 are SQL injection vulnerabilities in the web component of EPMM, which could allow an authenticated attacker with appropriate privileges to access or modify data in the underlying database.
Proof-of-concept for exploitation of CVE-2024-22026
A proof-of-concept for the exploitation of CVE-2024-22026 has been publicly released. Exploitation is therefore considered more likely.
Remediation advice
Affected organisations are advised to review Ivanti's advisory, KB Security Advisory - Ivanti Endpoint Manager Mobile (EPMM) May 2024, and apply any necessary updates as soon as possible.
Definitive source of threat updates
CVE Vulnerabilities
Last edited: 22 May 2024 4:00 pm