NCSC urges firms to patch against MobileIron vulnerability

Remote attackers are targeting healthcare, logistics, legal, and local government sectors

The National Cyber Security Centre (NCSC) has issued a warning over a MobileIron vulnerability that has the potential to compromise the networks of UK organisations.

Organisations using the California-based enterprise mobile device management (MDM) provider's software could be targeted by Advanced Persistent Threat (APT) nation-state groups looking to exploit a critical remote code execution vulnerability, according to the NCSC. 

The flaw, tracked as CVE-2020-15505, affects MobileIron Core and Connector products, specifically the following models: 10.4.0.0, 10.4.0.1, 10.4.0.2, 10.4.0.3, 10.5.1.0, 10.5.2.0, 10.6.0.0, 10.3.0.3 and earlier, Sentry versions 9.8.0, 9.7.2 and earlier, as well as the Monitor and Reporting Database (RDB) version 2.0.0.1 and earlier.

The issue reportedly stems back to June 2020, when MobileIron released security updates to address several vulnerabilities in their products. However, users who had not applied the patches have since been the target of cyber attacks.

According to the NCSC, hostile state actors and cyber criminals have attempted to exploit the vulnerability since the publication of a proof of concept exploit became available in September 2020. The security organisation warned that remote attackers were already able to take advantage of the flaw by targeting healthcare, logistics, legal, and local government sectors. 

The NCSC strongly advised UK organisations to refer to the MobileIron guidance, keeping informed of any future updates, as well as ensure that all affected versions have had the necessary updates installed. 

IT Pro has contacted MobileIron for comment but the company has yet to respond. In an update published last month, the MDM provider said that it had “engaged in ongoing proactive outreach to help customers secure their systems”. 

“That outreach has included calls from our account teams, regular targeted emails, and in-product notices. We currently estimate that between 90%-95% of all devices are now managed on patched/updated versions of our software. We continue to follow up with the remaining customers where we can determine that they have not yet patched or upgraded affected products,” it stated.

Featured Resources

Managing security risk and compliance in a challenging landscape

How key technology partners grow with your organisation

Download now

Evaluate your order-to-cash process

15 recommended metrics to benchmark your O2C operations

Download now

AI 360: Hold, fold, or double down?

How AI can benefit your business

Download now

Getting started with Azure Red Hat OpenShift

A developer’s guide to improving application building and deployment capabilities

Download now

Recommended

SolarWinds hackers hit Malwarebytes through Microsoft exploit
hacking

SolarWinds hackers hit Malwarebytes through Microsoft exploit

20 Jan 2021
How LogPoint uses MITRE ATT&CK
Whitepaper

How LogPoint uses MITRE ATT&CK

15 Jan 2021
Weekly threat roundup: Microsoft Defender, Adobe, Mimecast
vulnerability

Weekly threat roundup: Microsoft Defender, Adobe, Mimecast

14 Jan 2021
Mimecast admits hackers accessed users’ Microsoft accounts
Security

Mimecast admits hackers accessed users’ Microsoft accounts

13 Jan 2021

Most Popular

IT retailer faces €10.4m GDPR fine for employee surveillance
General Data Protection Regulation (GDPR)

IT retailer faces €10.4m GDPR fine for employee surveillance

18 Jan 2021
Citrix buys Slack competitor Wrike in record $2.25bn deal
collaboration

Citrix buys Slack competitor Wrike in record $2.25bn deal

19 Jan 2021
Should IT departments call time on WhatsApp?
communications

Should IT departments call time on WhatsApp?

15 Jan 2021