NCSC urges firms to patch against MobileIron vulnerability

Remote attackers are targeting healthcare, logistics, legal, and local government sectors

The National Cyber Security Centre (NCSC) has issued a warning over a MobileIron vulnerability that has the potential to compromise the networks of UK organisations.

Organisations using the California-based enterprise mobile device management (MDM) provider's software could be targeted by Advanced Persistent Threat (APT) nation-state groups looking to exploit a critical remote code execution vulnerability, according to the NCSC. 

The flaw, tracked as CVE-2020-15505, affects MobileIron Core and Connector products, specifically the following models: 10.4.0.0, 10.4.0.1, 10.4.0.2, 10.4.0.3, 10.5.1.0, 10.5.2.0, 10.6.0.0, 10.3.0.3 and earlier, Sentry versions 9.8.0, 9.7.2 and earlier, as well as the Monitor and Reporting Database (RDB) version 2.0.0.1 and earlier.

The issue reportedly stems back to June 2020, when MobileIron released security updates to address several vulnerabilities in their products. However, users who had not applied the patches have since been the target of cyber attacks.

According to the NCSC, hostile state actors and cyber criminals have attempted to exploit the vulnerability since the publication of a proof of concept exploit became available in September 2020. The security organisation warned that remote attackers were already able to take advantage of the flaw by targeting healthcare, logistics, legal, and local government sectors. 

The NCSC strongly advised UK organisations to refer to the MobileIron guidance, keeping informed of any future updates, as well as ensure that all affected versions have had the necessary updates installed. 

IT Pro has contacted MobileIron for comment but the company has yet to respond. In an update published last month, the MDM provider said that it had “engaged in ongoing proactive outreach to help customers secure their systems”. 

“That outreach has included calls from our account teams, regular targeted emails, and in-product notices. We currently estimate that between 90%-95% of all devices are now managed on patched/updated versions of our software. We continue to follow up with the remaining customers where we can determine that they have not yet patched or upgraded affected products,” it stated.

Featured Resources

Unlocking collaboration: Making software work better together

How to improve collaboration and agility with the right tech

Download now

Four steps to field service excellence

How to thrive in the experience economy

Download now

Six things a developer should know about Postgres

Why enterprises are choosing PostgreSQL

Download now

The path to CX excellence for B2B services

The four stages to thrive in the experience economy

Download now

Recommended

Russia launched over a million cyber attacks in three months
hacking

Russia launched over a million cyber attacks in three months

13 Apr 2021
New DNS vulnerabilities put millions of IoT devices at risk
Internet of Things (IoT)

New DNS vulnerabilities put millions of IoT devices at risk

13 Apr 2021
Cloud storage: How secure are Dropbox, OneDrive, Google Drive, and iCloud?
cloud security

Cloud storage: How secure are Dropbox, OneDrive, Google Drive, and iCloud?

13 Apr 2021
5G will accelerate cyber crime, predicts former White House CIO
5G

5G will accelerate cyber crime, predicts former White House CIO

13 Apr 2021

Most Popular

Microsoft is submerging servers in boiling liquid to prevent Teams outages
data centres

Microsoft is submerging servers in boiling liquid to prevent Teams outages

7 Apr 2021
How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

8 Apr 2021
Hackers are using fake messages to break into WhatsApp accounts
instant messaging (IM)

Hackers are using fake messages to break into WhatsApp accounts

8 Apr 2021