Vulnerabilities Expose Thousands of MobileIron Servers to Remote Attacks
Researchers have disclosed the details of several potentially serious vulnerabilities affecting MobileIron's mobile device management solutions, including a flaw that can be exploited by an unauthenticated attacker for remote code execution on affected servers.
The vulnerabilities were identified by researchers at security consulting firm DEVCORE and they were reported to MobileIron in early April.
In a blog post published last week, DEVCORE's Orange Tsai said the researchers decided to analyze MobileIron's products due to their widespread use: the vendor claims more than 20,000 enterprises use its solutions, and the researchers' analysis showed that over 15% of Global Fortune 500 organizations, including Facebook, exposed their MobileIron servers to the internet.
Orange Tsai told SecurityWeek that exploiting CVE-2020-15505, which is a deserialization-related issue, is enough for a remote, unauthenticated attacker to achieve arbitrary code execution on a vulnerable MobileIron server.
The researcher says there are currently roughly 10,000 potentially exposed servers on the internet, and while a patch has been available for months, he claims roughly 30% of servers on the internet remain unpatched.
Related news
- New NachoVPN attack uses rogue VPN servers to install malicious updates (source)
- VPN vulnerabilities, weak credentials fuel ransomware attacks (source)
- Russian hackers hijack Pakistani hackers' servers for their own attacks (source)
- Apache Tomcat Vulnerability CVE-2024-56337 Exposes Servers to RCE Attacks (source)
- FICORA and Kaiten Botnets Exploit Old D-Link Vulnerabilities for Global Attacks (source)
- Over 3 million mail servers without encryption exposed to sniffing attacks (source)
- Mitel MiCollab, Oracle WebLogic Server vulnerabilities exploited by attackers (source)
- Rsync vulnerabilities allow remote code execution on servers, patch quickly! (source)
- Over 660,000 Rsync servers exposed to code execution attacks (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-07-07 | CVE-2020-15505 | Use of Incorrectly-Resolved Name or Reference vulnerability in MobileIron products. A remote code execution vulnerability in MobileIron Core & Connector versions 10.3.0.3 and earlier, 10.4.0.0, 10.4.0.1, 10.4.0.2, 10.4.0.3, 10.5.1.0, 10.5.2.0 and 10.6.0.0; and Sentry versions 9.7.2 and earlier, and 9.8.0; and Monitor and Reporting Database (RDB) version 2.0.0.1 and earlier that allows remote attackers to execute arbitrary code via unspecified vectors. | 9.8 |