Skip to content

Ivanti released a patch for a critical vulnerability in Ivanti Endpoint Manager Mobile (EPMM), formerly MobileIron Core. The vulnerability, CVE-2023-35078, allows unauthorised access to potentially personal information and the ability to make changes to records.

The vulnerability affects all supported versions of EPMM, including 11.4 releases 11.10, 11.9, and 11.8. Older versions and releases are also vulnerable. Patches have been released for versions,, and Organisations are urged to upgrade to a patched version as soon as possible.

The vulnerability was exploited in a zero-day attack against Norwegian government officials. It is suspected that some Scottish companies have not yet patched their systems.

If you use Ivanti Endpoint Manager Mobile, please immediately check your version and apply the patch. You can find more information about the vulnerability and the patch in the Ivanti Security Advisory.

Related Links: