Investigating CVE-2023-35078: Ivanti Endpoint Manager...

Investigating CVE-2023-35078: Ivanti Endpoint Manager Mobile (EPMM) Authentication Bypass Vulnerability

Edited on July 25, 7:30AM PST

The Tenable Security Response Team, a part of Tenable Research, is investigating a newly disclosed vulnerability in Ivant’s Endpoint Manager Mobile (EPMM), formerly known as MobileIron Core. The flaw, identified as CVE-2023-35078, was first disclosed in a post by Heise Online. However, Ivanti published its own article (ID: 000087041) about the flaw. However, the full details about the vulnerability are only available to Ivanti customers.

Tenable Research is investigating coverage for this vulnerability. Please refer to our Plugins Pipeline page for up-to-date information on when a plugin is in development.

In the meantime, we strongly advise customers utilize our Service detection plugins for MobileIron Core to identify assets in your environment:

141340: MobileIron Core Detection
141341: MobileIron Core API Detection

Edit: Our blog post for this vulnerability is now available.

Cyber Exposure Alerts

Vulnerability Watch

Forum Discussion

Investigating CVE-2023-35078: Ivanti Endpoint Manager...

Recent Discussions

FAQ on Exploited Zero-Day Flaws in Cisco ASA and FTD Devices (CVE-2025-20333, CVE-2025-20362)

Microsoft’s September 2025 Patch Tuesday Addresses 80 CVEs (CVE-2025-55234)

Frequently Asked Questions About Chinese State-Sponsored Actors Compromising Global Networks

CVE-2025-7775: Citrix NetScaler ADC and Gateway Zero-Day RCE Vulnerability Exploited in the Wild

CVE-2025-25256: Proof of Concept Released for Fortinet FortiSIEM Command Injection Vulnerability

Americas

Europe

Asia / Australia