PatchSiren

CVE-2023-35078 Ivanti CVE debrief

CVE-2023-35078 is an Ivanti Endpoint Manager Mobile (EPMM) authentication bypass issue associated with remote unauthenticated API access. CISA added it to the Known Exploited Vulnerabilities catalog on 2023-07-25 and marked known ransomware campaign use as Known, which makes this an active-risk item rather than a purely theoretical flaw. The defensive priority is to follow vendor mitigation guidance immediately; if mitigations are not available, CISA’s stated fallback is to discontinue use of the product.

Vendor: Ivanti
Product: Endpoint Manager Mobile (EPMM)
CVSS: Unknown
CISA KEV: Listed
Original CVE published: 2023-07-25
Original CVE updated: 2023-07-25
Advisory published: 2023-07-25
Advisory updated: 2023-07-25

Who should care

Security and platform teams responsible for Ivanti Endpoint Manager Mobile (EPMM), especially administrators of exposed management interfaces, incident responders, and vulnerability management teams tracking CISA KEV items.

Technical summary

The supplied official records describe CVE-2023-35078 as an authentication bypass vulnerability in Ivanti Endpoint Manager Mobile (EPMM), with the associated exposure described as remote unauthenticated API access. The CISA KEV entry indicates the vulnerability is known to be exploited and records known ransomware campaign use as Known. The source corpus does not provide a CVSS score, so prioritization should be based on exploitation status and vendor guidance rather than severity scoring alone.

Defensive priority

Critical. CISA KEV inclusion and known exploitation make this an immediate mitigation or removal priority.

Recommended defensive actions

  • Apply mitigations per vendor instructions referenced by CISA and Ivanti.
  • If mitigations are unavailable, discontinue use of the product as CISA directs.
  • Treat EPMM instances as urgent exposure-management candidates and verify whether any affected deployments remain in service.
  • Use the official CVE, NVD, and CISA KEV references to track status and response requirements.
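
One way to run the "verify whether any affected deployments remain in service" check without a CVSS score, as an added example (not code from PatchSiren, CISA or Ivanti). The KEV key names follow CISA's JSON feed and the dates are the ones this debrief quotes; the inventory rows, host names and inventory field names are constructed assumptions.

```python
from datetime import date

# KEV record for this CVE. The dates and ransomware flag are the values quoted
# in this debrief; key names follow CISA's KEV JSON feed.
KEV_ENTRY = {
    "cveID": "CVE-2023-35078",
    "vendorProject": "Ivanti",
    "product": "Endpoint Manager Mobile (EPMM)",
    "dateAdded": "2023-07-25",
    "dueDate": "2023-08-15",
    "knownRansomwareCampaignUse": "Known",
}

EPMM = "Endpoint Manager Mobile (EPMM)"
# Constructed inventory rows; host names and field names are hypothetical.
INVENTORY = [
    {"host": "mdm-02.example.internal", "vendor": "Ivanti", "product": EPMM,
     "internet_facing": False, "status": "in_service", "mitigated": None},
    {"host": "mdm-01.example.internal", "vendor": "Ivanti", "product": EPMM,
     "internet_facing": True, "status": "in_service", "mitigated": False},
    {"host": "mdm-03.example.internal", "vendor": "Ivanti", "product": EPMM,
     "internet_facing": True, "status": "in_service", "mitigated": True},
    {"host": "mdm-old.example.internal", "vendor": "Ivanti", "product": EPMM,
     "internet_facing": True, "status": "decommissioned", "mitigated": False},
    {"host": "files-01.example.internal", "vendor": "ExampleCorp", "product": "File Server",
     "internet_facing": True, "status": "in_service", "mitigated": False},
]

def triage(entry, inventory, today):
    """Return unmitigated in-service assets matching the KEV entry, most exposed first."""
    due = date.fromisoformat(entry["dueDate"])
    target = (entry["vendorProject"].casefold(), entry["product"].casefold())
    findings = []
    for asset in inventory:
        if (asset["vendor"].casefold(), asset["product"].casefold()) != target:
            continue  # different product
        if asset["status"] != "in_service":
            continue  # already discontinued
        if asset["mitigated"] is True:
            continue  # mitigation confirmed; None (unknown) stays open
        findings.append({
            "host": asset["host"],
            "cve": entry["cveID"],
            "internet_facing": asset["internet_facing"],
            "days_to_due": (due - today).days,  # negative once the KEV due date has passed
            "ransomware_use": entry["knownRansomwareCampaignUse"],
        })
    # No CVSS needed: order by exposure, then host name for stable output.
    return sorted(findings, key=lambda f: (not f["internet_facing"], f["host"]))
```

An asset whose mitigation state is unknown is reported as open, so a missing inventory value cannot hide an exposed EPMM instance.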

Evidence notes

All claims are based on the supplied CISA KEV source item and official reference links. The KEV metadata states the vulnerability name, dateAdded 2023-07-25, dueDate 2023-08-15, knownRansomwareCampaignUse as Known, and requiredAction to apply mitigations per vendor instructions or discontinue use if mitigations are unavailable. The provided CVE and NVD links are official corroborating references, but the corpus does not include a CVSS score.

Official resources

Published in the supplied source data on 2023-07-25 and added to CISA KEV the same day. No CVSS score was provided in the corpus; this debrief relies on official CISA KEV and CVE/NVD references only.