The UK National Cyber Security Centre (NCSC) issued an alert urging organizations to address the critical CVE-2020-15505 remote code execution (RCE) vulnerability in MobileIron mobile device management (MDM) systems.
MDM platforms allow administrators to remotely manage a fleet of mobile devices in their organization from a central server.
The CVE-2020-15505 vulnerability is a remote code execution issue in the MobileIron mobile device management (MDM) software that allows remote attackers to execute arbitrary code and take over remote company servers.
Experts at NCSC are aware of threat actors actively using the MobileIron CVE-2020-1550 vulnerability to compromise the networks in multiple sectors, including the healthcare, local government, logistics, and legal sectors.
“The NCSC is aware that Advanced Persistent Threat (APT) nation-state groups and cyber criminals are now actively attempting to exploit this vulnerability [T1190] to compromise the networks of UK organisations.” reads the alert.
At the end of October, the US National Security Agency (NSA) included the same RCE in the list of the top 25 vulnerabilities exploited by Chinese state-sponsored hacking groups in attacks in the wild.
The Cybersecurity and Infrastructure Agency (CISA) also warned that APT groups are chaining the CVE-2020-15505 RCE with the Netlogon/Zerologon vulnerability CVE-2020-1472 at least in a single intrusion.
The MobileIron versions affected by the CVE-2020-15505 flaw are:
(SecurityAffairs – hacking, APT)
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.