- 180/2023
- High
Ivanti has released security updates to address vulnerabilities in Ivanti desktop and server management 2022.2 SU2 and all prior versions and Ivanti endpoint manager versions 11.10,11.9, 11.8, or older.
The addressed vulnerabilities could allow the attacker to perform arbitrary file write to the EPMM server and can be used in conjunction with “CVE-2023-35078” to bypass authentication or execute arbitrary OS commands on the affected DSM product.
The addressed vulnerabilities:
1- DSM Arbitrary Commands Execution Vulnerability (CVE-2023-28129):
- CVSS: 7.8
- Attack Vector: Local
- Attack Complexity: Low
- Privileges Required: Low
- User Interaction: None
- Consequences: Gain Access
2- EPMM Remote Arbitrary File Write Vulnerability (CVE-2023-35081):
- CVSS: 7.2
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: High
- User Interaction: None
- Consequences: Gain Access
It should be highlighted that the vulnerability “CVE-2023-35081″ is being actively exploited in the wild.
Vulnerabilities
- CVE-2023-28129
- CVE-2023-35081
Mitigations
The enterprise should deploy this patch as soon as the testing phase is completed.