CVE-2023-35081

CVSS 7.2 HIGH · EPSS 63.3% · KEV · CWE-22
Vexday Risk Score: 63 (High priority)
SSVC decision (CISA): Act
Exploitation + impact → act immediately
CVSS 7.2 · EPSS 63.3% · KEV: yes · PoC · Nuclei · Metasploit · Patch
Lifecycle
- 31 Jul 2023: Active exploitation (CISA KEV)
- 03 Aug 2023: Published on NVD
Recommendation: Patch as soon as possible — active exploitation confirmed.
In short

An authenticated administrator can bypass file system restrictions in Ivanti EPMM and write files anywhere on the system. This allows them to place malicious files or modify critical system files, potentially taking complete control of the device.

Technical detail

Path traversal vulnerability in Ivanti EPMM (11.10.x < 11.10.0.3, 11.9.x < 11.9.1.2, 11.8.x < 11.8.1.2) permits authenticated administrators to write arbitrary files to the appliance via improper input validation on file path parameters. Exploitation requires valid administrator credentials and results in unauthorized file creation/modification with system privileges.

Summary generated and translated by AI from the official description.
A path traversal vulnerability in Ivanti EPMM versions (11.10.x < 11.10.0.3, 11.9.x < 11.9.1.2 and 11.8.x < 11.8.1.2) allows an authenticated administrator to write arbitrary files onto the appliance.
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Affected products
Ivanti · EPMM
