CVE-2023-35078

Name of the Vulnerable Software and Affected Versions Ivanti Endpoint Manager Mobile (EPMM) versions prior to 11.10

Description The issue is related to an authentication bypass vulnerability in Ivanti Endpoint Manager Mobile (EPMM), which allows unauthorized users to access restricted functionality or resources of the application without proper authentication. This vulnerability has been exploited in the wild, with advanced persistent threat (APT) actors using it to gain unauthorized access. The vulnerability impacts all supported versions of the software.

Recommendations For Ivanti Endpoint Manager Mobile (EPMM) versions prior to 11.10, apply the available patch to protect against unauthorized access and data breaches. As a temporary workaround, consider restricting access to sensitive resources and functionality until the patch is applied.