On July 28th, 2023, Ivanti released a security advisory detailing a new vulnerability affecting Ivanti Endpoint Manager Mobile which allows an authenticated administrator to perform arbitrary file writes (CVE-2023-35081). A threat actor could utilize a previous Ivanti vulnerability CVE-2023-35078 which was disclosed on July 24th, to bypass administrator authentication and reduce the complexity of CVE-2023-35081, which could result in the threat actor being able to execute arbitrary OS commands when successfully exploited.
Ivanti has indicated that active exploitation has occurred and has impacted the same customers that were impacted by CVE-2023-35078. At this time, a proof of concept (PoC) exploit is not available for CVE-2023-35081.
Product | Vulnerable Versions |
Ivanti Endpoint Manager Mobile |
All supported versions –releases: 11.10, 11.9, and 11.8. Older, unsupported versions are also affected. |
Recommendation for CVE-2023-35081: Apply the Latest Patch Released by Ivanti
Arctic Wolf strongly recommends reviewing Ivanti’s security advisory and knowledge base article to access and apply the patch. Customer login is required.
Please follow your organization’s patching and testing guidelines to avoid any operational impact.