Vulnerability in MobileIron MDM under attack (Nov. 2020)

The National Cyber Security Centre (NCSC) in the UK has issued a warning that a vulnerability in MobileIron mobile device management (MDM) software is under attack by state-sponsored hackers and organized crime.


In this message dated November 23, 2020, the National Cyber Security Centre (NCSC) in the UK points out that several actors are trying to exploit vulnerability CVE-2020-15505 in MobileIron Mobile Device Management (MDM). MDM systems allow system administrators to manage an organization's mobile devices from a central server, making them a lucrative target for threat actors.

In June 2020, MobileIron, a provider of mobile device management (MDM) systems, released security updates to address several vulnerabilities in its products. These included CVE-2020-15505, a remote code execution vulnerability that was rated critical.

This critical vulnerability affects MobileIron core and connector products and could allow a remote attacker to execute arbitrary code on a system. The MobileIron website lists the following versions as affected:

  • 10.3.0.3 and earlier
  • 10.4.0.0, 10.4.0.1, 10.4.0.2, 10.4.0.3, 10.5.1.0, 10.5.2.0 and 10.6.0.0
  • Sentry versions 9.7.2 and earlier
  • 9.8.0
  • Monitor and Reporting Database (RDB) version 2.0.0.1 and earlier

A "proof of concept exploit" became available in September 2020, and since then both hostile state actors and cybercriminals have tried to exploit this vulnerability in the UK. These actors typically scan victims' networks to identify vulnerabilities (including CVE-2020-15505) to be used in target selection.

In some cases where the latest updates are not installed, they have successfully compromised systems. Healthcare, local government, logistics and the legal sector have all been targeted, but other areas may also be affected.


MobileIron provided security updates for all affected versions on June 15, 2020. Organisations can find all relevant links to the updates on the MobileIron website at this web address.

