Threat Intelligence Report: Ivanti Zero-Day

August 21, 2023

The FTI Cybersecurity team released a threat intelligence report regarding a critical zero-day vulnerability related to mobile device management (MDM). Specifically, Ivanti Endpoint Manager Mobile is being exploited by CVE-2023-35078 and CVE-2023-35081. The report details the threat activity, threat assessment, and provides recommended actions.

Read the Report

Update: Zero-Day Vulnerability Allows Threat Actors to Configure Ivanti Sentry as System Manager Portal Administrator

Based on the popularity of MDM, threat actors will continue to seek new ways to exploit mobile devices because of the critical business information they possess. As recently as Monday, August 21, a new Ivanti vulnerability was identified:

Advisory from Ivanti