Discovered and responsibly disclosed in March, researcher Orange Tsai found a Remote Code Execution (RCE) vulnerability in the MobileIron Mobile Device management (MDM) systems. MDM systems allow administrators to remotely control mobile devices in their organization. This management is done from a central location and the portal is usually hosted on one of the company’s servers. The vulnerability, CVE-2020-1550, allows an attacker to remotely execute commands on an MDM server without having to authenticate. The UK National Cyber Security Centre (NCSC) has warned that they have seen Advanced Persistent Threat (APT) groups actively targeting companies using this vulnerability and urges companies to apply the patch if they have not. The US Cybersecurity and Infrastructure Agency (CISA) has also warned about these attacks and stated that this CVE is amongst the top 25 that are actively being used by Chinese threat actors.
By Anthony Zampino Introduction Leading up to the most recent Russian invasion of Ukraine in