Lucene search
HiveForce LabsHIVEPRO:B75F087EFAC214AC9503334BF8ECF522HistoryAug 03, 2023 - 6:01 a.m.
Ivanti Addressed Second Zero-Day Flaw Exploited by Attackers
2023-08-0306:01:53
HiveForce Labs
www.hivepro.com
31
ivanti
zero-day
flaw
vulnerability
admin-authenticated
attackers
arbitrary files
unauthorized access
os command execution
web shell deployment
urgent patching
data compromise
hiveforce labs
threat advisories
0.703 High
EPSS
Percentile
98.0%
Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary The zero-day vulnerability (CVE-2023-35081) in Ivanti EPMM enables admin-authenticated attackers to write arbitrary files, risking unauthorized access, OS command execution, and malicious web shell deployment. Urgent patching is crucial to prevent widespread impact and data compromise. To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.
Related
cve
cve
CVE-2023-35081
2023-08-03 18:15:11
nessus
nessus
nvd
nvd
CVE-2023-35081
2023-08-03 18:15:11
cvelist
cvelist
CVE-2023-35081
2023-08-03 17:00:10
attackerkb
attackerkb
CVE-2023-35081
2023-08-03 00:00:00
prion
prion
Path traversal
2023-08-03 18:15:00
cisa_kev
cisa_kev
Ivanti Endpoint Manager Mobile (EPMM) Path Traversal Vulnerability
2023-07-31 00:00:00
rapid7blog
rapid7blog
thn
thn
malwarebytes
malwarebytes
Ivanti patches second zero-day vulnerability being used in attacks
2023-08-02 15:15:00
[updated] Ivanti Sentry critical vulnerability—don't play dice, patch
2023-08-23 16:30:00
August Patch Tuesday stops actively exploited attack chain and more
2023-08-10 01:00:00
ics
ics
Threat Actors Exploiting Ivanti EPMM Vulnerabilities
2023-08-01 12:00:00