The five new vulnerabilities discovered in Ivanti’s on-premises mobile endpoint management solution are a “classic example of the legacy trap” that CSOs must avoid, says an expert.
“Patch today to survive the weekend,” said Robert Enderle of the Enderle Group, “but start planning your exit from legacy MDM as soon as possible.”
He was commenting on an advisory issued Thursday by Ivanti about the discovery of five holes in its Endpoint Manager Mobile (EPMM) suite. Updates for all are available.
The flaws are serious enough that the US Cybersecurity and Infrastructure Security Agency (CISA) added one of the vulnerabilities to its Known Exploited Vulnerabilities Catalog because it’s being active...