Actively exploited in the wild
Ivanti Endpoint Manager Mobile (EPMM) Path Traversal Vulnerability
Ivanti — Endpoint Manager Mobile (EPMM) · Listed in the CISA KEV since 2023-07-31. This indicates confirmed attacks in production environments.
Required action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
CVE-2023-35081
High · CVSS 7.2 · KEV
Exploitation Probability (EPSS): Very high risk · 99th percentile, higher than 99% of all known CVEs
Summary
A path traversal vulnerability in Ivanti EPMM allows an authenticated administrator to write arbitrary files onto the appliance. It affects versions 11.10.x before 11.10.0.3, 11.9.x before 11.9.1.2, and 11.8.x before 11.8.1.2.
Risk Assessment
This vulnerability could lead to unauthorized access to the system and potential introduction of malware, threatening the integrity and confidentiality of organizational data.
Recommendation
Update Ivanti EPMM to the latest version to mitigate this vulnerability. Additionally, audit administrator permissions in the system.
Original NVD description (English source)
A path traversal vulnerability in Ivanti EPMM versions (11.10.x < 11.10.0.3, 11.9.x < 11.9.1.2 and 11.8.x < 11.8.1.2) allows an authenticated administrator to write arbitrary files onto the appliance.

