Ivanti Urges Users to Update Endpoint Manager Mobile to Address Zero-Day Vulnerability

Ivanti Urges Users to Update Endpoint Manager Mobile to Address Zero-Day Vulnerability

Ivanti Urges Users to Update Endpoint Manager Mobile

Endpoint Manager Mobile (EPMM) users are advised to update their mobile device management software to address an actively exploited zero-day vulnerability. Ivanti, the company behind EPMM (formerly MobileIron Core), has issued a warning urging users to install the latest version that includes a fix for the vulnerability.

The Zero-Day Vulnerability: CVE-2023-35078

The zero-day vulnerability, identified as CVE-2023-35078, is categorized as a remote unauthenticated API access vulnerability. It is reported to affect EPMM version 11.4 releases 11.10, 11.9, and 11.8, which are currently supported by Ivanti.

The vulnerability allows an attacker to access the API remotely without authentication, which could potentially lead to unauthorized access to sensitive information or the ability to make unauthorized changes to EPMM configurations.

Importance of Updating to the Latest Version

Updating to the latest version of EPMM is crucial to address the zero-day vulnerability and prevent potential exploitation. By updating, users can ensure that their mobile device management software is protected against unauthorized access and maintain the security of their sensitive information.

Additionally, regular updates often include other bug fixes, performance improvements, and new features that enhance the overall functionality and user experience of EPMM.

How to Update Endpoint Manager Mobile

To update EPMM and patch the zero-day vulnerability, users should follow the recommended update process provided by Ivanti. This typically involves downloading the latest version from the official website and installing it on the system where EPMM is deployed.

It is strongly advised to prioritize the update and implement it promptly to minimize the risk of potential exploitation.

In Conclusion

Ivanti has issued a warning to EPMM users, urging them to update their mobile device management software to the latest version. The update includes a fix for a zero-day vulnerability, CVE-2023-35078, that allows remote unauthenticated API access. By updating, users can effectively mitigate the risk of unauthorized access to sensitive information and ensure the security of their EPMM configurations.

Remember, staying up-to-date with software updates is essential for maintaining the overall security and performance of your technology. Keeping your software patched and protected is like adding an extra layer of security to your virtual fortress. So, don’t forget to update and keep those vulnerabilities at bay!

Original Article: https://thehackernews.com/2023/07/ivanti-releases-urgent-patch-for-epmm.html


Leave a Reply

Your email address will not be published. Required fields are marked *

0

Your Cart Is Empty

No products in the cart.