When Patches Become a Hobby: Ivanti’s Thrilling Security Vulnerabilities

Dive into the thrilling world of Ivanti’s security vulnerabilities. With an uncovered directory traversal and potential for system privilege misuse, it’s a tech thriller where the villain is always one step ahead.

Hot Take:

Well, if you’re a fan of the thrill that comes with knowing your system’s security is hanging by a thread, Ivanti’s got some news for you. A directory traversal vulnerability (CVE-2023-35081) has been identified in its Endpoint Manager Mobile (EPMM), allowing a tech-savvy villain with EPMM admin privileges to write whatever files they like using your system’s privileges. Oh, and if you thought that was all, hold on to your hats: by leveraging CVE-2023-35078 on an unpatched system, they can snag those admin privileges in the first place. I’ll tell you, these hackers are getting more creative by the day!

Key Points:

  • A directory traversal vulnerability (CVE-2023-35081) has been found in Ivanti’s EPMM, allowing an attacker with EPMM admin privileges to write arbitrary files using the system’s privileges.
  • The attacker could exploit CVE-2023-35078 to gain those admin privileges on an unpatched system.
  • Active exploitation of both CVE-2023-35081 and CVE-2023-35078 has been reported by Ivanti.
  • This vulnerability affects supported EPMM versions 11.10, 11.9, and 11.8. Older, unsupported versions are also affected.
  • CISA has urged users and organizations to patch both CVE-2023-35081 and CVE-2023-35078.

The Back Channel:

When Patching Becomes a Hobby:

What's more thrilling than knowing your system's security could crumble at any moment? Nothing, according to Ivanti. They've identified a directory traversal vulnerability in their EPMM that's the stuff of IT nightmares. It allows an attacker with EPMM admin privileges to write any files they wish using your system's privileges. The plot thickens as they could gain admin privileges by exploiting CVE-2023-35078 on an unpatched system. It's like a tech thriller where the villain is always one step ahead.

The Red Alert:

Now, I hope you're sitting down for this, because Ivanti has reported active exploitation of both CVE-2023-35081 and CVE-2023-35078. Yes, you heard that right, active exploitation. It's like they've thrown a party, and the hackers are the uninvited guests who just won't leave.

The Old and the Vulnerable:

This isn't just a problem for the latest and greatest versions of EPMM (11.10, 11.9, and 11.8). Even older, unsupported versions are affected. It's like being told your grandpa could get drafted; nobody saw that coming.

The Urgent Patchwork:

Like a concerned parent, CISA has urged users and organizations to patch both CVE-2023-35081 and CVE-2023-35078. Let's be honest: when a security breach is on the table, patching your system is the IT equivalent of eating your vegetables. You may not like it, but you know you need to do it.
