Don’t Let Your Ivanti Exposures Go Unpatched

On July 24th, 2023, Ivanti Endpoint Manager Mobile (EPMM), previously known as MobileIron Core, publicly disclosed CVE-2023-35078. This vulnerability allows unauthenticated users full API access through specific API endpoints whereby malicious actors can extract personally identifiable information (PII) and perform administrative actions, like creating new accounts and making configuration changes, without needing any credentials....