A new zero-day vulnerability affecting a product of US-based enterprise software provider Ivanti has been exploited in an attack aimed at the Norwegian government.  Norwegian authorities announced on Monday that a dozen government ministries had been targeted in a cyberattack involving a previously unknown vulnerability.  The country’s National Security Authority later clarified that the attack involved the exploitation of CVE-2023-35078, a zero-day vulnerability impacting Ivanti’s Endpoint Manager Mobile (EPMM), formerly known as MobileIron Core.  EPMM is a widely used mobile management software engine that enables IT teams to set policies for mobile devices, applications, and content. According to an advisory published on Monday by Ivanti for CVE-2023-35078, the flaw is an unauthenticated API access issue that can be exploited by remote threat actors “to potentially access users’ personally identifiable information and make limited changes to the server”.

Source: SecurityWeek