Researchers Disclose Serious Vulnerabilities In SureMDM

Researchers with Immersive Labs have disclosed a vulnerability bug in SureMDM, a popular mobile device management platform, which could lead to compromises on every device running the platform within the targeted enterprise. The issue included a lack of default authentication between the agent running the host and the server where attacks could potentially register fake devices and intercept job regquests containing sensitive data.

Saumitra Das, CTO and Cofounder, Blue Hexagon had this to day.

“This is reminiscent of the Kaseya attack where organizations were compromised by a third-party software system used for IT management. There is always a tradeoff between ease of onboarding or ease of use and cybersecurity. Systems are often deployed with defaults that allow for quick deployment and onboarding of users but leave holes like this open that can then be exploited by attackers. After the Solarwinds and Kaseya attacks, organizations should be very circumspect of how much privilege third-party software has inside their networks.”

The majority of these issues have been mitigated. Which means that you should install any and all updates to protect yourself if you run SureMDM. But those running the Linux client are still vulnerable. And there is a proof of concept from Immersive Labs inbound to demonstrate the issue. Which means you’ll have to update that when patches become available.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: