Security News > 2020 > November > Critical MobileIron RCE Flaw Under Active Attack

Critical MobileIron RCE Flaw Under Active Attack
2020-11-25 16:55

Separately, the Cybersecurity and Infrastructure Security Agency in October warned that APT groups are exploiting the MobileIron flaw in combination with the severe Microsoft Windows Netlogon/Zerologon vulnerability.

The flaw, first reported to MobileIron by Orange Tsai from DEVCORE, could allow an attacker to execute remote exploits without authentication.

MobileIron provides a platform that allows enterprises to manage the end-user mobile devices across their company.

The flaw exists across various components of this platform: In MobileIron Core, a component of the MobileIron platform that serves as the administrative console; and in MobileIron Connector, a component that adds real-time connectivity to the backend.

Threatpost has reached out to MobileIron for further comment.


News URL

https://threatpost.com/critical-mobileiron-rce-flaw-attack/161600/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Mobileiron 8 0 1 2 5 8