What is CVE-2023-35082?

CVE-2023-35082 is a critical authentication bypass vulnerability in Ivanti’s Endpoint Manager Mobile (EPMM) 11.10 and earlier. Organizations must address this issue immediately to prevent unauthorized access to sensitive resources.

What is the severity of CVE-2023-35082?

CVE-2023-35082 has a severity rating of CRITICAL with a CVSS base score of 9.8.

Is CVE-2023-35082 in CISA KEV?

Yes. CVE-2023-35082 is listed in the CISA Known Exploited Vulnerabilities (KEV) catalog. Organizations should prioritize remediation.

CVE-2023-35082 | Critical Vulnerability in Ivanti Endpoint Manager Mobile

CVE-2023-35082 is a critical authentication bypass vulnerability found in Ivanti Endpoint Manager Mobile (EPMM) version 11.10 and earlier. This vulnerability allows unauthorized users to access restricted functionalities or resources of the application without proper authentication. Given the nature of this vulnerability, it poses a significant risk to organizations that utilize this software. The CVSS score for this vulnerability is 9.8, indicating a critical severity that necessitates immediate attention.

The urgency of addressing CVE-2023-35082 is underscored by its classification as a high-risk vulnerability that can lead to unauthorized access, potentially compromising sensitive data. Organizations should prioritize patching this vulnerability immediately to mitigate the risk of exploitation. It is essential to remain vigilant and monitor for any unauthorized access attempts that may arise from this vulnerability.

As of the latest update, this vulnerability is included in the Known Exploited Vulnerabilities (KEV) catalog, indicating that it is actively being exploited in the wild. Organizations should assess their environments to determine if they are affected and take appropriate action to remediate the vulnerability as soon as possible.

The potential impact of this vulnerability includes unauthorized access to sensitive features and data within the application, which can lead to further exploitation if not addressed. Organizations must take this vulnerability seriously and act promptly to safeguard their systems.

Vulnerability Details

An authentication bypass vulnerability in Ivanti EPMM 11.10 and older allows unauthorized users to access restricted functionality or resources of the application without proper authentication. The official CVE description states that this vulnerability is unique to CVE-2023-35078 announced earlier.

The CVSS score for this vulnerability is 9.8, classified as critical. This score indicates a high likelihood of exploitation, with significant impacts on confidentiality, integrity, and availability. The attack vector is classified as network-based, with low complexity and no privileges required for exploitation.

The affected product is Ivanti Endpoint Manager Mobile (EPMM) version 11.10 and older. This vulnerability was published on August 15, 2023, and falls under the CWE classification of CWE-287, which denotes improper authentication.

Technical Analysis

The root cause of CVE-2023-35082 lies in an inadequate authentication mechanism that allows unauthorized access to restricted functions. Attackers can exploit this vulnerability remotely, requiring no user interaction, and can do so with low complexity. The attack vector is over the network, allowing for widespread exploitation of vulnerable instances.

The vulnerability requires no privileges to exploit, making it accessible to any attacker who can reach the application. This significantly increases the risk, as any unauthorized user can potentially access sensitive resources without any barriers.

In terms of impact, the vulnerability affects confidentiality, integrity, and availability. Successful exploitation could allow attackers to manipulate sensitive data, leading to a loss of data integrity and availability. Organizations must take action to understand the implications of this vulnerability within their environments.

Risk & Impact Analysis

The real-world deployment of CVE-2023-35082 introduces significant risks. Organizations using Ivanti EPMM 11.10 and older versions may face unauthorized access to critical application functionalities. This risk is heightened by the fact that the vulnerability is actively being exploited in the wild, as indicated by its inclusion in the KEV catalog.

Given the critical nature of this vulnerability, organizations should prioritize its remediation as part of their immediate patching cycle. The potential blast radius includes all users of the affected version, which could lead to unauthorized data access and manipulation.

The urgency of addressing this vulnerability cannot be overstated. Organizations should act immediately to patch their systems or apply mitigations as per vendor instructions to eliminate this risk.

Signal	Status
Known Exploit	Yes
Public PoC	Yes
Actively Exploited	Yes
Ransomware Use	Yes

Affected Versions

All versions of Ivanti Endpoint Manager Mobile (EPMM) prior to 11.11.0 are affected by this vulnerability. Organizations must ensure they are on the latest version to avoid potential exploitation.

Mitigation & Remediation

Organizations should apply vendor-recommended patches and updates to remediate CVE-2023-35082. If patches are unavailable, consider discontinuing the use of the affected product until a secure version is available.

For continuous security, implementing network controls and monitoring for unauthorized access attempts are recommended. Organizations can validate remediation effectiveness through continuous penetration testing to ensure that all vulnerabilities are effectively mitigated.

Detection Guidance

Organizations should monitor logs for any unauthorized access attempts to the application. Key indicators include abnormal access patterns, failed login attempts, and changes to user permissions. Behavioral anomalies should be investigated promptly to determine whether they are indicative of exploitation.

AppSecure Threat Intelligence Insight

The long-term significance of CVE-2023-35082 highlights the importance of robust authentication mechanisms in application design. This vulnerability serves as a reminder for security teams to regularly assess their authentication processes and ensure they are hardened against exploitation.

This incident represents a broader trend of increasing exploitation of authentication vulnerabilities across various platforms. Security teams should take proactive measures to fortify their defenses against similar vulnerabilities by regularly updating their systems and conducting thorough security assessments.

Organizations should leverage resources to improve their security posture. Engaging in regular penetration testing can help identify vulnerabilities before they are exploited.

Furthermore, continuous monitoring and evaluation of security measures will help organizations stay ahead of potential threats.

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

CVE ID	Title	Severity	Vulnerability Type	Published
CVE-2025-65418	CVE-2025-65418: High Vulnerability in docuFORM Managed Print Service Client	HIGH	Path Traversal	May 11, 2026
CVE-2025-65417	CVE-2025-65417: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	XSS	May 11, 2026
CVE-2025-65416	CVE-2025-65416: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Unrestricted File Upload	May 11, 2026
CVE-2025-65415	CVE-2025-65415: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Session Fixation	May 11, 2026
CVE-2025-61314	CVE-2025-61314: High Vulnerability in GmbH Mecury Managed Print Services	HIGH	XSS	May 11, 2026

CVE-2023-35082: Critical Vulnerability in Ivanti Endpoint Manager Mobile