CVE-2023-35081 Ivanti CVE debrief

Who should care

Organizations running Ivanti Endpoint Manager Mobile (EPMM), especially security, infrastructure, and mobile device management teams responsible for patching, hardening, and internet-facing service exposure.

Technical summary

The supplied records identify the issue as a path traversal vulnerability in Ivanti Endpoint Manager Mobile (EPMM). The CISA KEV entry marks it as known exploited and references vendor instructions as the required response. No CVSS score was supplied in the corpus.

Defensive priority

High. CISA added this CVE to the Known Exploited Vulnerabilities catalog on the publication date, so exposure should be assumed to be urgent until mitigations are in place.

Recommended defensive actions

• Check whether Ivanti Endpoint Manager Mobile (EPMM) is deployed anywhere in your environment.
• Review and apply vendor-provided mitigations or fixes referenced by Ivanti and CISA.
• If mitigations are unavailable, follow CISA guidance to discontinue use of the product until a safe remediation path exists.
• Prioritize externally reachable or internet-facing EPMM instances for verification and containment.
• Confirm asset inventory, patch status, and any compensating controls for EPMM systems.
• Monitor for indicators of abnormal access or unauthorized file/path handling on affected systems.

Evidence notes

The CVE record and NVD link identify the vulnerability as CVE-2023-35081 for Ivanti Endpoint Manager Mobile (EPMM). The CISA KEV source item states the issue is known exploited, gives a date added of 2023-07-31, and instructs defenders to apply vendor mitigations or discontinue use if mitigations are unavailable. No additional technical detail beyond the path traversal classification was supplied in the corpus.

Official resources