Attacker Value
Very High
(2 users assessed)
Exploitability
Unknown
(2 users assessed)
User Interaction
None
Privileges Required
None
Attack Vector
Network
3

CVE-2020-15505

Disclosure Date: July 07, 2020
Exploited in the Wild
Reported by ccondon-r7
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

A remote code execution vulnerability in MobileIron Core & Connector versions 10.3.0.3 and earlier, 10.4.0.0, 10.4.0.1, 10.4.0.2, 10.4.0.3, 10.5.1.0, 10.5.2.0 and 10.6.0.0; and Sentry versions 9.7.2 and earlier, and 9.8.0; and Monitor and Reporting Database (RDB) version 2.0.0.1 and earlier that allows remote attackers to execute arbitrary code via unspecified vectors.

Add Assessment

2
Ratings
  • Attacker Value
    Very High
Technical Analysis

According to Black Arrow, it looks like this CVE is being exploited to deliver Kaiten malware. This is another of the batch Orange Tsai wrote about from among their MobileIron discoveries last month. @wvu-r7 has a bit more context on the auth bypass in his assessment of CVE-2020-15506, too.

1
Technical Analysis

It’s not actually clear this is the RCE in the blog post, so please see CVE-2020-15506.

General Information

Additional Info

Technical Analysis