Security News > 2023 > August > CISA issues new warning on actively exploited Ivanti MobileIron bugs
The U.S. Cybersecurity and Infrastructure Security Agency warned today of state hackers exploiting two flaws in Ivanti's Endpoint Manager Mobile, formerly MobileIron Core.
"Mobile device management systems are attractive targets for threat actors because they provide elevated access to thousands of mobile devices, and APT actors have exploited a previous MobileIron vulnerability," CISA said on Tuesday.
Today's warning comes as a joint advisory issued in collaboration with Norway's National Cyber Security Centre, and it follows an order asking U.S. federal agencies to patch one of these two actively exploited flaws by August 15.
CISA warns govt agencies to patch Ivanti bug exploited in attacks.
Ivanti patches new zero-day exploited in Norwegian govt attacks.
Ivanti patches MobileIron zero-day bug exploited in attacks.
News URL
Related news
- CISA Flags Critical Ivanti vTM Vulnerability Amid Active Exploitation Concerns (source)
- Ivanti vTM auth bypass flaw exploited in attacks, CISA warns (CVE-2024-7593) (source)
- Ivanti Endpoint Manager Flaw Actively Targeted, CISA Warns Agencies to Patch (source)
- CISA adds fresh Ivanti vuln, critical Fortinet bug to hall of shame (source)