Vulnerability Details CVE-2020-35138
The MobileIron agents through 2021-03-22 for Android and iOS contain a hardcoded encryption key, used to encrypt the submission of username/password details during the authentication process, as demonstrated by Mobile@Work (aka com.mobileiron). The key is in the com/mobileiron/common/utils/C4928m.java file. NOTE: It has been asserted that there is no causality or connection between credential encryption and the MiTM attack
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 44.5%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 5.0
References
- https://github.com/optiv/rustyIron
- https://play.google.com/store/apps/details?id=com.mobileiron&hl=en_US&gl=US
- https://www.ivanti.com/blog/a-warranted-response-to-inaccurate-optiv-research
- https://www.optiv.com/explore-optiv-insights/source-zero/mobileiron-mdm-contains-static-key-allowing-account-enumeration
- https://www.optiv.com/insights/source-zero/blog/mobileiron-mdm-contains-static-key-allowing-account-enumeration
- https://github.com/optiv/rustyIron
- https://play.google.com/store/apps/details?id=com.mobileiron&hl=en_US&gl=US
- https://www.ivanti.com/blog/a-warranted-response-to-inaccurate-optiv-research
- https://www.optiv.com/explore-optiv-insights/source-zero/mobileiron-mdm-contains-static-key-allowing-account-enumeration
- https://www.optiv.com/insights/source-zero/blog/mobileiron-mdm-contains-static-key-allowing-account-enumeration
Products affected by CVE-2020-35138
-
cpe:2.3:a:mobileiron:mobile@work:-
-
cpe:2.3:a:mobileiron:mobile@work:10.0.0
-
cpe:2.3:a:mobileiron:mobile@work:10.0.0.0.91r
-
cpe:2.3:a:mobileiron:mobile@work:10.0.1
-
cpe:2.3:a:mobileiron:mobile@work:10.0.2
-
cpe:2.3:a:mobileiron:mobile@work:10.1.0
-
cpe:2.3:a:mobileiron:mobile@work:10.1.0.0.69r
-
cpe:2.3:a:mobileiron:mobile@work:10.1.1.0.4r
-
cpe:2.3:a:mobileiron:mobile@work:10.2
-
cpe:2.3:a:mobileiron:mobile@work:10.2.0.1.3r
-
cpe:2.3:a:mobileiron:mobile@work:10.2.0.1.6r
-
cpe:2.3:a:mobileiron:mobile@work:10.2.1.0.62r
-
cpe:2.3:a:mobileiron:mobile@work:10.2.1.1.3r
-
cpe:2.3:a:mobileiron:mobile@work:10.3.0.1.1r
-
cpe:2.3:a:mobileiron:mobile@work:10.3.0.2.2r
-
cpe:2.3:a:mobileiron:mobile@work:10.3.0.3.4r
-
cpe:2.3:a:mobileiron:mobile@work:10.4.0.1.3r
-
cpe:2.3:a:mobileiron:mobile@work:10.4.1.1.3r
-
cpe:2.3:a:mobileiron:mobile@work:10.4.1.2.9r
-
cpe:2.3:a:mobileiron:mobile@work:10.5.0.0.107r
-
cpe:2.3:a:mobileiron:mobile@work:10.5.1.0.52r
-
cpe:2.3:a:mobileiron:mobile@work:10.7.0.0.132r
-
cpe:2.3:a:mobileiron:mobile@work:10.8.0.1.2r
-
cpe:2.3:a:mobileiron:mobile@work:11.0.0
-
cpe:2.3:a:mobileiron:mobile@work:11.0.0.0.115r
-
cpe:2.3:a:mobileiron:mobile@work:11.0.1
-
cpe:2.3:a:mobileiron:mobile@work:11.1.0
-
cpe:2.3:a:mobileiron:mobile@work:12.0.0
-
cpe:2.3:a:mobileiron:mobile@work:12.0.1
-
cpe:2.3:a:mobileiron:mobile@work:12.0.2
-
cpe:2.3:a:mobileiron:mobile@work:12.0.3
-
cpe:2.3:a:mobileiron:mobile@work:12.1.0
-
cpe:2.3:a:mobileiron:mobile@work:12.1.1
-
cpe:2.3:a:mobileiron:mobile@work:12.11.0
-
cpe:2.3:a:mobileiron:mobile@work:12.11.1
-
cpe:2.3:a:mobileiron:mobile@work:12.2
-
cpe:2.3:a:mobileiron:mobile@work:12.2.1
-
cpe:2.3:a:mobileiron:mobile@work:12.2.2
-
cpe:2.3:a:mobileiron:mobile@work:12.3.0
-
cpe:2.3:a:mobileiron:mobile@work:12.3.1
-
cpe:2.3:a:mobileiron:mobile@work:12.4.0
-
cpe:2.3:a:mobileiron:mobile@work:12.4.1
-
cpe:2.3:a:mobileiron:mobile@work:9.3.0.2.1r
-
cpe:2.3:a:mobileiron:mobile@work:9.4.0.2.16r
-
cpe:2.3:a:mobileiron:mobile@work:9.4.0.3.5r
-
cpe:2.3:a:mobileiron:mobile@work:9.5.0.0.93r
-
cpe:2.3:a:mobileiron:mobile@work:9.5.1.0.19r
-
cpe:2.3:a:mobileiron:mobile@work:9.5.1.1.1r
-
cpe:2.3:a:mobileiron:mobile@work:9.6.0.1.5r
-
cpe:2.3:a:mobileiron:mobile@work:9.6.0.2.11r
-
cpe:2.3:a:mobileiron:mobile@work:9.6.0.3.4r
-
cpe:2.3:a:mobileiron:mobile@work:9.7.0.0.95r
-
cpe:2.3:a:mobileiron:mobile@work:9.7.1.0.28r
-
cpe:2.3:a:mobileiron:mobile@work:9.7.1.1.2r
-
cpe:2.3:a:mobileiron:mobile@work:9.7.2
-
cpe:2.3:a:mobileiron:mobile@work:9.8