Unauthorized Access to Restricted Functionality or Resources via Authentication Bypass Vulnerability
CVE-2023-35082

9.8CRITICAL

Key Information:

Vendor
Ivanti
Status
EPMM
Vendor
CVE Published:
15 August 2023

Badges

💰 Ransomware👾 Exploit Exists🟡 Public PoC🟣 EPSS 96%🦅 CISA Reported📰 News Worthy

Summary

An authentication bypass vulnerability has been identified in Ivanti EPMM 11.10 and earlier, enabling unauthorized users to gain access to restricted features and resources of the application without proper authentication. This flaw exposes sensitive functionalities, potentially leading to severe security risks for affected users.

CISA Reported

CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitor the most dangerious vulnerabilities and have identifed as being exploited and is known by the CISA as enabling ransomware campaigns.

The CISA's recommendation is: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Affected Version(s)

EPMM 11.10

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2023-35082
Created by Chocapikk

News Articles

favicon imageHelp Net Security

Week in review: 10 cybersecurity frameworks you need to know, exploited Chrome zero-day fixed - Help Net Security

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Key elements for a successful cyber risk management

1 year ago

favicon imageThe Hacker News

U.S. Cybersecurity Agency Warns of Actively Exploited Ivanti EPMM Vulnerability

A critical flaw (CVE-2023-35082) in Ivanti EPMM is being exploited in the wild, giving attackers access to your data.

1 year ago

favicon imageDark Reading

Third Ivanti Vulnerability Exploited in the Wild, CISA Reports

Though reports say this latest Ivanti bug is being exploited in the wild, it is unclear as to how exactly threat actors are using it.

1 year ago

References

https://forums.ivanti.com/s/article/CVE-2023-35082-Remote...

EPSS Score

96% chance of being exploited in the next 30 days.

CVSS V3.1

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • 💰

    Used in Ransomware

  • 🦅

    CISA Reported

  • Vulnerability published

  • 🟡

    Public PoC available

  • 👾

    Exploit known to exist

  • Vulnerability Reserved

  • 📰

    First article discovered by Help Net Security

.