Background / What’s happened?
ACSC has received reports of a vulnerability in Ivanti EPMM impacting all supported versions 11.10, 11.9 and 11.8. Older versions/releases are also at risk. This vulnerability enables an unauthorised, remote (internet-facing) actor to potentially access users’ personally identifiable information and make limited changes to the server. The Ivanti MobileIron security advisory includes patches for all supported versions.
Mitigation / How do I stay secure?
Australian organisations should review their networks for use of vulnerable instances of Ivanti EPMM. The Ivanti EPMM security advisory recommends upgrading EPMM with patch releases (184.108.40.206, 220.127.116.11 and 18.104.22.168) from the system manager portal. If you cannot upgrade, please refer to the information in the advisory to apply an RPM-based solution.
Organisations are also encouraged to familiarise themselves with ACSC advice and resources.
Assistance / Where can I go for help?
The ACSC is monitoring the situation and is able to provide assistance and advice as required. Organisations that have been impacted or require assistance can contact the ACSC via cyber.gov.au/report, or 1300 CYBER1 (1300 292 371).
Reporting of available information to the ACSC contributes to our advice, and all organisations’ understanding of the current threat environment.
Read this alert on the website: https://www.cyber.gov.au/about-us/view-all-content/alerts-and-advisories/vulnerability-ivanti-endpoint-manager-mobile-epmm