| Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name | Notes |
|---|---|---|---|---|---|
| CVE-2020-15505 | Ivanti MobileIron Multiple Products Remote Code Execution Vulnerability | primary_impact | T1059 | Command and Scripting Interpreter |
Comments
CVE-2020-15505 is an RCE vulnerability in MobileIron Core & Connector that allows an external attacker, with no privileges, to execute code of their choice on the vulnerable system. As mobile device management (MDM) systems are critical to configuration management for external devices, they are usually highly permissioned and make a valuable target for threat actors.
Multiple APTs have been observed exploiting this vulnerability to gain unauthorized access.
References
|
| CVE-2020-15505 | Ivanti MobileIron Multiple Products Remote Code Execution Vulnerability | exploitation_technique | T1190 | Exploit Public-Facing Application |
Comments
CVE-2020-15505 is an RCE vulnerability in MobileIron Core & Connector that allows an external attacker, with no privileges, to execute code of their choice on the vulnerable system. As mobile device management (MDM) systems are critical to configuration management for external devices, they are usually highly permissioned and make a valuable target for threat actors.
Multiple APTs have been observed exploiting this vulnerability to gain unauthorized access.
References
|