CVE-2023-35081: 
Ivanti Endpoint Manager Mobile vulnerability analysis and mitigation

A path traversal vulnerability (CVE-2023-35081) was identified in Ivanti Endpoint Manager Mobile (EPMM), formerly known as MobileIron Core. The vulnerability affects EPMM versions 11.10.x (versions before 11.10.0.3), 11.9.x (versions before 11.9.1.2), and 11.8.x (versions before 11.8.1.2). The vulnerability was discovered in July 2023 and publicly disclosed by Ivanti (Ivanti Blog).

CVE-2023-35081 is a directory traversal vulnerability [CWE-22] that allows an authenticated administrator to write arbitrary files onto the appliance with the operating system privileges of the EPMM web application server. The vulnerability has received a CVSS v3.1 base score of 7.2 (HIGH) with the vector string CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H (NVD).

The vulnerability enables attackers with administrator privileges to write arbitrary files to the EPMM server. When combined with CVE-2023-35078, exploitation no longer requires authentication and can bypass ACLs. This combination allows attackers to potentially execute uploaded files, such as webshells, leading to system compromise (CISA Advisory).

Organizations are strongly advised to upgrade to the latest version of Ivanti EPMM immediately. Patches are available that protect against both CVE-2023-35081 and CVE-2023-35078. Organizations using unsupported versions (prior to 11.8.1.0) should immediately upgrade to a supported version. If immediate upgrade is not possible, Ivanti has provided an RPM fix, though this workaround only protects against CVE-2023-35078 and not CVE-2023-35081 (CISA Advisory).