PULSE
EN VIVO37señales / 24h
FEED
ransomgunra reclama a Dissinger and Dissinger Law Firm · US · Business Servicesransomplay reclama a Boston Electric and Telephone · US · Telecommunicationransomplay reclama a Wring Group · GB · Not Foundransomincransom reclama a asa-international.com · GB · Business Servicesransomplay reclama a AG Scholtes · NL · Manufacturingransomplay reclama a Andorra Life · AD · Healthcareransomplay reclama a Svensk Direktreklam · SE · Business Servicesransomchaos reclama a radiax.com · US · Technologyransominterlock reclama a Converting Equipment International · GB · Manufacturingransomblack x reclama a sanaa · YE · Not Foundransomthegentlemen reclama a Tangram Interiors · GB · Business Servicesransomthegentlemen reclama a BRAC · BD · Business Servicesransomthegentlemen reclama a Customs Watch · US · Public Sectorransomthegentlemen reclama a Gallant · FI · Not Foundransomgunra reclama a Dissinger and Dissinger Law Firm · US · Business Servicesransomplay reclama a Boston Electric and Telephone · US · Telecommunicationransomplay reclama a Wring Group · GB · Not Foundransomincransom reclama a asa-international.com · GB · Business Servicesransomplay reclama a AG Scholtes · NL · Manufacturingransomplay reclama a Andorra Life · AD · Healthcareransomplay reclama a Svensk Direktreklam · SE · Business Servicesransomchaos reclama a radiax.com · US · Technologyransominterlock reclama a Converting Equipment International · GB · Manufacturingransomblack x reclama a sanaa · YE · Not Foundransomthegentlemen reclama a Tangram Interiors · GB · Business Servicesransomthegentlemen reclama a BRAC · BD · Business Servicesransomthegentlemen reclama a Customs Watch · US · Public Sectorransomthegentlemen reclama a Gallant · FI · Not Found
← Todos los CVEs
CVE Watch

CVE-2023-35081

Ivanti Endpoint Manager Mobile (EPMM) Path Traversal Vulnerability

CVSS

Sin CVSS

EPSS

63.3%

p99

KEV

31 jul 2023

Exploit Today

80

0-100

Publicado: · Última mod.:

EPSS · 30d
63.3%EPSS · 30 días63.3%
2026-06-302026-07-16
Ficha del catálogo KEV

Producto

Ivanti / Endpoint Manager Mobile (EPMM)

Vulnerabilidad

Ivanti Endpoint Manager Mobile (EPMM) Path Traversal Vulnerability

Añadido a KEV

31 jul 2023

Remediar antes de

21 ago 2023

Uso conocido en ransomware

No

Descripción resumida

Ivanti Endpoint Manager Mobile (EPMM) contains a path traversal vulnerability that enables an authenticated administrator to perform malicious file writes to the EPMM server. This vulnerability can be used in conjunction with CVE-2023-35078 to bypass authentication and ACLs restrictions (if applicable).

Acción requerida

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Notas

https://forums.ivanti.com/s/article/CVE-2023-35081-Arbitrary-File-Write?language=en_US; https://nvd.nist.gov/vuln/detail/CVE-2023-35081

CVEs relacionados
CVECVSSEPSSKEVRExplotTítuloVis.
CVE-2023-35078
100.0%
KEV80Ivanti Endpoint Manager Mobile Authentication Bypass Vulnerability
CVE-2025-4427
100.0%
KEV80Ivanti Endpoint Manager Mobile (EPMM) Authentication Bypass Vulnerability
CVE-2026-1340
99.7%
KEV80Ivanti Endpoint Manager Mobile (EPMM) Code Injection Vulnerability
CVE-2025-4428
99.7%
KEV80Ivanti Endpoint Manager Mobile (EPMM) Code Injection Vulnerability
CVE-2026-1281
99.6%
KEV80Ivanti Endpoint Manager Mobile (EPMM) Code Injection Vulnerability
CVE-2026-6973
98.2%
KEV79Ivanti Endpoint Manager Mobile (EPMM) Improper Input Validation Vulnerability