CVE-2023-35081: New Remote Arbitrary File Write Vulnerability in Ivanti Endpoint Manager Mobile

Find Arctic Wolf’s recommendations for CVE-2023-35081.

On July 28^th, 2023, Ivanti released a security advisory detailing a new vulnerability affecting Ivanti Endpoint Manager Mobile which allows an authenticated administrator to perform arbitrary file writes (CVE-2023-35081). A threat actor could utilize a previous Ivanti vulnerability CVE-2023-35078 which was disclosed on July 24th, to bypass administrator authentication and reduce the complexity of CVE-2023-35081, which could result in the threat actor being able to execute arbitrary OS commands when successfully exploited.

Ivanti has indicated that active exploitation has occurred and has impacted the same customers that were impacted by CVE-2023-35078. At this time, a proof of concept (PoC) exploit is not available for CVE-2023-35081.

Product

Vulnerable Versions

Ivanti Endpoint Manager Mobile

All supported versions –releases: 11.10, 11.9, and 11.8.

Older, unsupported versions are also affected.

Recommendation for CVE-2023-35081: Apply the Latest Patch Released by Ivanti

Arctic Wolf strongly recommends reviewing Ivanti’s security advisory and knowledge base article to access and apply the patch. Customer login is required.

Please follow your organization’s patching and testing guidelines to avoid any operational impact.

© 2025 Arctic Wolf Networks Inc. All Rights Reserved.
Privacy Notice	Terms of Use	Cookie Policy	Accessibility Statement	Information Security	Sustainability Statement	Cookies Settings

Platform

Concierge

Journey

Reduce Attack Frequency

Reduce Attack Severity

Transfer Risk

Get Started

Why Arctic Wolf

Expertise by Topic

Incident Response Timelines

Expertise by Industry

Resource Center

Trending Resources

The Arctic Wolf Threat Report draws upon the first-hand experience of our security experts, augmented by research from our threat intelligence team.

The Arctic Wolf State of Cybersecurity: 2025 Trends Report serves as an opportunity for decision makers to share their experiences over the past 12 months and their perspectives on some of the most important issues shaping the IT and security landscape.

Join Arctic Wolf on an interactive journey to discover a better path past the hazards of the modern threat landscape.

Security Bulletins

CVE-2025-20281 & CVE-2025-20282: Maximum Severity Unauthenticated RCE Vulnerabilities in Cisco ISE and ISE-PIC

CVE-2025-5777: Critical Information Disclosure Vulnerability “Citrix Bleed 2” in Citrix NetScaler ADC and Gateway

Cybersecurity Risks Amid Rising Iran–U.S. Tensions

Partners

Company

Careers

Press

CVE-2023-35081: New Remote Arbitrary File Write Vulnerability in Ivanti Endpoint Manager Mobile

Recommendation for CVE-2023-35081: Apply the Latest Patch Released by Ivanti

References

Popular Topics

Share this post:

What to read next

Arctic Wolf Networks
8939 Columbine Rd
Eden Prairie, MN 55347

1.888.272.8429

© 2025 Arctic Wolf Networks Inc. All Rights Reserved.

Privacy Notice

Terms of Use

Cookie Policy

Accessibility Statement

Information Security

Sustainability Statement

Cookies Settings

Platform

Concierge

Journey

Reduce Attack Frequency

Reduce Attack Severity

Transfer Risk

Get Started

Why Arctic Wolf

Expertise by Topic

Incident Response Timelines

Expertise by Industry

Resource Center

Trending Resources

The Arctic Wolf Threat Report draws upon the first-hand experience of our security experts, augmented by research from our threat intelligence team.

The Arctic Wolf State of Cybersecurity: 2025 Trends Report serves as an opportunity for decision makers to share their experiences over the past 12 months and their perspectives on some of the most important issues shaping the IT and security landscape.

Join Arctic Wolf on an interactive journey to discover a better path past the hazards of the modern threat landscape.

Security Bulletins

CVE-2025-20281 & CVE-2025-20282: Maximum Severity Unauthenticated RCE Vulnerabilities in Cisco ISE and ISE-PIC

CVE-2025-5777: Critical Information Disclosure Vulnerability “Citrix Bleed 2” in Citrix NetScaler ADC and Gateway

Cybersecurity Risks Amid Rising Iran–U.S. Tensions

Partners

Company

Careers

Press

CVE-2023-35081: New Remote Arbitrary File Write Vulnerability in Ivanti Endpoint Manager Mobile

Recommendation for CVE-2023-35081: Apply the Latest Patch Released by Ivanti

References

Popular Topics

Share this post:

What to read next

4 min read

CVE-2025-20281 & CVE-2025-20282: Maximum Severity Unauthenticated RCE Vulnerabilities in Cisco ISE and ISE-PIC

10 min read

CVE-2025-5777: Critical Information Disclosure Vulnerability “Citrix Bleed 2” in Citrix NetScaler ADC and Gateway

10 min read

Cybersecurity Risks Amid Rising Iran–U.S. Tensions

3 min read

Arctic Wolf Observes Social Engineering Campaign Targeting IT Staff of Healthcare Providers to Reset User Credentials

Arctic Wolf Networks 8939 Columbine Rd Eden Prairie, MN 55347

1.888.272.8429

© 2025 Arctic Wolf Networks Inc. All Rights Reserved.

Privacy Notice

Terms of Use

Cookie Policy

Accessibility Statement

Information Security

Sustainability Statement

Cookies Settings

Arctic Wolf Networks
8939 Columbine Rd
Eden Prairie, MN 55347