These Ivanti EPMM vulnerabilities have been observed in active cyber attacks on systems using the affected versions. Threat actors can use vulnerability chaining to combine attacks through all three vulnerabilities to achieve privileged access to EPMM systems. The following Ivanti products are impacted: Ivanti Endpoint Manager Mobile 11.10 Ivanti Endpoint Manager Mobile 11.9 Ivanti Endpoint Manager Mobile 11.8 MobileIron Core version 11.7 and below
If you are currently using Ivanti Endpoint Manager Mobile versions 11.10, 11.9 and 11.8, you should immediately upgrade your version and https://forums.ivanti.com/s/article/KB-Remote-Unauthenticated-API-Access-Vulnerability-CVE-2023-35082.
Upgrading to the latest version of Ivanti Endpoint Manager Mobile (EPMM) is the best way to protect your environment from threats," https://forums.ivanti.com/s/article/CVE-2023-35082-Remote-Unauthenticated-API-Access-Vulnerability-in-MobileIron-Core-11-2-and-older?language=en_US.