Security News > 2023 > August > Ivanti Sentry exploited in the wild, patches emitted

Ivanti Sentry exploited in the wild, patches emitted
2023-08-22 00:30

A critical authentication bypass bug in MobileIron Sentry has been exploited in the wild, its maker Ivanti said in an advisory on Monday.

This vulnerability, tracked as CVE-2023-38035, is a 9.8-of-10 flaw in terms of CVSS severity, and strictly speaking lies within Ivanti Sentry, formerly known as MobileIron Sentry.

Ivanti Sentry versions 9.18 and earlier are affected, and the bug does not impact any other Ivanti products, we're told.

In late July, miscreants exploited CVE-2023-35078, another remote authentication bypass flaw in Ivanti Endpoint Manager Mobile, to compromise victims 12 Norwegian government agencies at least before the developer issued a fix.

Just days later, Ivanti patched a second EPMM vulnerability, tracked as CVE-2023-35081.

Neither Ivanti nor any of the government agencies investigating the intrusions have yet to attribute any of these exploits to a nation-state or criminal gang, so far.


News URL

https://go.theregister.com/feed/www.theregister.com/2023/08/22/critical_ivanti_mobileiron_sentry/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2023-08-21 CVE-2023-38035 Incorrect Authorization vulnerability in Ivanti Mobileiron Sentry
A security vulnerability in MICS Admin Portal in Ivanti MobileIron Sentry versions 9.18.0 and below, which may allow an attacker to bypass authentication controls on the administrative interface due to an insufficiently restrictive Apache HTTPD configuration.
network
low complexity
ivanti CWE-863
critical
 9.8
9.8
2023-08-03 CVE-2023-35081 Path Traversal vulnerability in Ivanti Endpoint Manager Mobile
A path traversal vulnerability in Ivanti EPMM versions (11.10.x < 11.10.0.3, 11.9.x < 11.9.1.2 and 11.8.x < 11.8.1.2) allows an authenticated administrator to write arbitrary files onto the appliance.
network
low complexity
ivanti CWE-22
7.2
7.2
2023-07-25 CVE-2023-35078 Improper Authentication vulnerability in Ivanti Endpoint Manager Mobile
An authentication bypass vulnerability in Ivanti EPMM allows unauthorized users to access restricted functionality or resources of the application without proper authentication.
network
low complexity
ivanti CWE-287
critical
 9.8
9.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Ivanti 26 9 67 130 60 266
Sentry 4 1 9 2 0 12