Known Exploited Vulnerabilities CVE-2023-35081 Mappings

A path traversal vulnerability in Ivanti EPMM versions (11.10.x < 11.10.0.3, 11.9.x < 11.9.1.2 and 11.8.x < 11.8.1.2) allows an authenticated administrator to write arbitrary files onto the appliance.

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name Notes
CVE-2023-35081 Ivanti Endpoint Manager Mobile (EPMM) Path Traversal Vulnerability primary_impact T1059 Command and Scripting Interpreter
Comments
This vulnerability is exploited through a path traversal flaw in Ivanti EPMM. Attackers initiate this vulnerability by leveraging authenticated administrative access to remotely write arbitrary files onto the server. This enables them to deploy additional payloads, potentially granting further access and compromising the system.
References
CVE-2023-35081 Ivanti Endpoint Manager Mobile (EPMM) Path Traversal Vulnerability exploitation_technique T1190 Exploit Public-Facing Application
Comments
This vulnerability is exploited through a path traversal flaw in Ivanti EPMM. Attackers initiate this vulnerability by leveraging authenticated administrative access to remotely write arbitrary files onto the server. This enables them to deploy additional payloads, potentially granting further access and compromising the system. This vulnerability is often used in conjunction with CVE-2023-35078 (along with others) that provides unauthenticated access, enhancing the attack's capabilities. It has been actively exploited, impacting victims by leveraging both vulnerabilities together.
References