NCSC urges firms to patch against MobileIron vulnerability
Remote attackers are targeting healthcare, logistics, legal, and local government sectors
Organisations using the California-based enterprise mobile device management (MDM) provider's software could be targeted by Advanced Persistent Threat (APT) nation-state groups looking to exploit a critical remote code execution vulnerability, according to the NCSC.
The flaw, tracked as CVE-2020-15505, affects MobileIron Core and Connector products, specifically the following models: 10.4.0.0, 10.4.0.1, 10.4.0.2, 10.4.0.3, 10.5.1.0, 10.5.2.0, 10.6.0.0, 10.3.0.3 and earlier, Sentry versions 9.8.0, 9.7.2 and earlier, as well as the Monitor and Reporting Database (RDB) version 126.96.36.199 and earlier.
The issue reportedly stems back to June 2020, when MobileIron released security updates to address several vulnerabilities in their products. However, users who had not applied the patches have since been the target of cyber attacks.
According to the NCSC, hostile state actors and cyber criminals have attempted to exploit the vulnerability since the publication of a proof of concept exploit became available in September 2020. The security organisation warned that remote attackers were already able to take advantage of the flaw by targeting healthcare, logistics, legal, and local government sectors.
The NCSC strongly advised UK organisations to refer to the MobileIron guidance, keeping informed of any future updates, as well as ensure that all affected versions have had the necessary updates installed.
IT Pro has contacted MobileIron for comment but the company has yet to respond. In an update published last month, the MDM provider said that it had “engaged in ongoing proactive outreach to help customers secure their systems”.
“That outreach has included calls from our account teams, regular targeted emails, and in-product notices. We currently estimate that between 90%-95% of all devices are now managed on patched/updated versions of our software. We continue to follow up with the remaining customers where we can determine that they have not yet patched or upgraded affected products,” it stated.
How to be an MSP: Seven steps to success
Building your business from the ground upDownload now
The smart buyer’s guide to flash
Find out whether flash storage is right for your businessDownload now
How MSPs build outperforming sales teams
The definitive guide to salesDownload now
The business guide to ransomware
Everything you need to know to keep your company afloatDownload now