CVE-2023-35081: New Remote Arbitrary File Write Vulnerability in Ivanti Endpoint Manager Mobile

Share :

On July 28th, 2023, Ivanti released a security advisory detailing a new vulnerability affecting Ivanti Endpoint Manager Mobile which allows an authenticated administrator to perform arbitrary file writes (CVE-2023-35081). A threat actor could utilize a previous Ivanti vulnerability CVE-2023-35078 which was disclosed on July 24th, to bypass administrator authentication and reduce the complexity of CVE-2023-35081, which could result in the threat actor being able to execute arbitrary OS commands when successfully exploited.

Ivanti has indicated that active exploitation has occurred and has impacted the same customers that were impacted by CVE-2023-35078. At this time, a proof of concept (PoC) exploit is not available for CVE-2023-35081.


Product Vulnerable Versions
Ivanti Endpoint Manager Mobile

All supported versions –releases: 11.10, 11.9, and 11.8.

Older, unsupported versions are also affected.

Recommendation for CVE-2023-35081: Apply the Latest Patch Released by Ivanti

Arctic Wolf strongly recommends reviewing Ivanti’s security advisory and knowledge base article to access and apply the patch. Customer login is required.

Please follow your organization’s patching and testing guidelines to avoid any operational impact.


Picture of James Liolios

James Liolios

James Liolios is a Senior Threat Intelligence Researcher at Arctic Wolf, where he keeps a watchful eye on the latest threats and threat actors to understand the potential impact to Arctic Wolf customers. He has a background of 9 years' experience in many areas of cybersecurity, holds a bachelor's degree in Information Security, and is also CISSP certified.
Share :
Table of Contents
Subscribe to our Monthly Newsletter