Shockwave Attack Surface Management - CVE-2023-35078 Authentication Bypass affecting Ivanti MobileIron

CVE-2023-35078 is a Critical CVE on Ivanti's MobileIron product that allows malicious actors to dump the entire PII, devices and users on the MobileIron system in a matter of a single request.

Critical CVE alert - at shockwave.cloud we have put our hands on a POC for CVE-2023-35078 which is a Critical Authentication Bypass that allows full dump of your MobileIron instances PII in a single request.We already ensured that our customers and bug bounty programs are secured from nation state attacks, even before public POC has been released!if you’re using MobileIron - don’t hesitate to reach out for a free examination - we suggest to patch ASAP.

‍

https://www.linkedin.com/feed/update/urn:li:activity:7089932532464463872/

‍

Gal Nagli

Nagli is a one of the world's most successful Bug Bounty Hunters, mostly known for his automation.

Ready to secure your Externally Facing Attack Surface? ->

Schedule a Demo Browse all features

Shockwave Attack Surface Management - CVE-2023-35078 Authentication Bypass affecting Ivanti MobileIron

Gal Nagli

Quick Links

Follow us