Ivanti is urging administrators of Ivanti Sentry (formerly MobileIron Sentry) gateways to patch a newly discovered vulnerability (CVE-2023-38035) that could be exploited to change configuration, run system commands, or write files onto the vulnerable system. “As of now, we are only aware of a limited number of customers impacted by CVE-2023-38035,” the company said in the advisory, but still has to clarify whether that means detected exploitation attempts or simply vulnerable installations reachable via internet.
Source: Help Net Security