Your hacker Blog

UK NCSC’s alert urges orgs to fix MobileIron CVE-2020-15505 RCE

The UK NCSC issued an alert to urge organizations to patch the critical CVE-2020-15505 RCE vulnerability in MobileIron MDM systems.

The UK National Cyber Security Centre (NCSC) issued an alert urging organizations to address the critical CVE-2020-15505 remote code execution (RCE) vulnerability in MobileIron mobile device management (MDM) systems.

MDM platforms allow administrators to remotely manage a fleet of mobile devices in their organization from a central server.

The CVE-2020-15505 vulnerability is a remote code execution issue in the MobileIron mobile device management (MDM) software that allows remote attackers to execute arbitrary code and take over remote company servers.

The vulnerability was discovered in March by the security researcher Orange Tsai, and MobileIron addressed it in June. Below a video PoC for the exploitation of the flaw published by the researcher.

Experts at NCSC are aware of threat actors actively using the MobileIron CVE-2020-1550 vulnerability to compromise the networks in multiple sectors, including the healthcare, local government, logistics, and legal sectors.

“The NCSC is aware that Advanced Persistent Threat (APT) nation-state groups and cyber criminals are now actively attempting to exploit this vulnerability [T1190] to compromise the networks of UK organisations.” reads the alert.

At the end of October, the US National Security Agency (NSA) included the same RCE in the list of the top 25 vulnerabilities exploited by Chinese state-sponsored hacking groups in attacks in the wild.

The Cybersecurity and Infrastructure Agency (CISA) also warned that APT groups are chaining the CVE-2020-15505 RCE with the Netlogon/Zerologon vulnerability CVE-2020-1472 at least in a single intrusion.

The MobileIron versions affected by the CVE-2020-15505 flaw are:

10.3.0.3 and earlier10.4.0.0, 10.4.0.1, 10.4.0.2, 10.4.0.3, 10.5.1.0, 10.5.2.0 and 10.6.0.0Sentry versions 9.7.2 and earlier9.8.0Monitor and Reporting Database (RDB) version 2.0.0.1 and earlier

try {
window._mNHandle.queue.push(function (){
window._mNDetails.loadTag(“816788371”, “300×250”, “816788371”);
});
}
catch (error) {}

try {
window._mNHandle.queue.push(function (){
window._mNDetails.loadTag(“816788371”, “300×250”, “816788371”);
});
}
catch (error) {}
Pierluigi Paganini

(SecurityAffairs – hacking, APT)

The post UK NCSC’s alert urges orgs to fix MobileIron CVE-2020-15505 RCE appeared first on Security Affairs.