[CDP-development] CISA - Advisory 2021-008: Active Exploitation of MobileIron Products - TLP: AMBER

MASSE, THERESA theresa.masse at cisa.dhs.gov
Tue Dec 21 07:25:20 PST 2021 

FYSA



Our partners at the Australian Cyber Security Centre (ACSC) released the attached (TLP:AMBER) Advisory 2021-008: Active Exploitation of MobileIron products. ACSC is aware of active exploitation of MobileIron products by malicious cyber actors, associated with the Log4j library vulnerability. Mitigations are available from the vendor, Ivanti.



CISA Recommendations:

  *   Review and apply configuration workarounds for impacted products found here<https://urldefense.us/v3/__https:/forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US__;!!BClRuOV5cvtbuNI!ShK0JcgHBcA1zWReciZ-98XbZwii62_PK3UrLvIBukUfGoxopPCwSHDDlU4PLGEK7U4-8s0$>
  *   Apply new patches as soon as they become available
  *   Investigate your complete MobileIron Core solution for evidence of compromise as a matter of priority (as previously detailed by the ACSC here<https://urldefense.us/v3/__https:/www.cyber.gov.au/acsc/view-all-content/alerts/critical-remote-code-execution-vulnerability-found-log4j2-library__;!!BClRuOV5cvtbuNI!ShK0JcgHBcA1zWReciZ-98XbZwii62_PK3UrLvIBukUfGoxopPCwSHDDlU4PLGEKkNj6iKY$>)





We kindly request any incidents related to this product be reported to CISA at https://us-cert.cisa.gov/report, Central at cisa.dhs.gov<mailto:Central at cisa.dhs.gov>, or 888-282-0870.





Theresa A. Masse

Cyber Security Advisor, Region 10 (Oregon)

Cybersecurity and Infrastructure Security Agency

Department of Homeland Security

Phone: (503) 930-5671

Email: theresa.masse at cisa.dhs.gov<mailto:theresa.masse at cisa.dhs.gov>



[cid:image007.png at 01D7F63B.D9CBBB70]




-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://omls.oregon.gov/pipermail/cdp-development/attachments/20211221/cac2d99f/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image007.png
Type: image/png
Size: 16152 bytes
Desc: image007.png
URL: <https://omls.oregon.gov/pipermail/cdp-development/attachments/20211221/cac2d99f/attachment-0001.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: TLP AMBER Advisory 2021-008 Active Exploitation of MobileIron products associated with Log4j vulnerability.pdf
Type: application/pdf
Size: 715818 bytes
Desc: TLP AMBER Advisory 2021-008 Active Exploitation of MobileIron products associated with Log4j vulnerability.pdf
URL: <https://omls.oregon.gov/pipermail/cdp-development/attachments/20211221/cac2d99f/attachment-0001.pdf>

More information about the CDP-development mailing list