Ivanti, a software company, has issued a warning to its customers about a second zero-day vulnerability in its Endpoint Manager Mobile (EPMM) product. The first zero-day, CVE-2023-35078, was exploited in a cyberattack targeting Norwegian government ministries. The newly discovered vulnerability, CVE-2023-35081, allows an authenticated attacker with administrator privileges to remotely write arbitrary files to the server, potentially executing OS commands on the appliance. It can be exploited in conjunction with CVE-2023-35078 to bypass admin authentication and access control list (ACL) restrictions. While the attackers behind the exploits are yet unknown, they are likely state-sponsored. Organizations are urged to patch their systems to prevent potential attacks.

Read more: https://www.securityweek.com/second-ivanti-epmm-zero-day-vulnerability-exploited-in-targeted-attacks/