Join us at Hacker Summer Camp in Las Vegas! Let's Connect

Start Free Book Demo

Platform
- Overview
  The runZero Platform provides complete security visibility across IT, OT, IoT, cloud, mobile, and remote assets so that you can see and secure everything on your network.
  
  Attack Surface Management
  
  Exposure Mitigation
  
  Risk & Compliance
  
  Fast Deployment & Scalability
- Integrations
  runZero seamlessly integrates with a wide variety of tools, enhancing network visibility, enriching asset data, and uncovering control gaps.
- Community Edition
  Our completely free version of the runZero Platform is ideal for home use and environments with fewer than 100 assets.
Check out our new Research Report

Delve into our findings on the state of security in enterprise infrastructure, revealing alarming gaps and unexpected trends, from network segmentation decay to dark matter accumulation.

Download the Report
Resources
- runZero Blog
  See what's happening at runZero and read up on the latest ideas, opinions, and articles from our experts and researchers.
- Rapid Response
  Respond to 0-day threats immediately with our prebuilt queries and tips from the runZero Research team.
- Resource Center
  Dive into a treasure trove of resources to expand your exposure management knowledge.
  
  Podcasts
  
  Webcasts
  
  Talks
  
  Videos
- Support Resources
  Everything you need to maximize your experience with the runZero Platform.
  
  Documentation
  
  REST API
  
  Open Source
  
  Changelog
Gartner® Peer Insights™ Customers' Choice for CAASM

runZero has been recognized as a Customers’ Choice for cyber asset attack surface management (CAASM) in the 2024 Gartner Voice of the Customer report.

Get the Report
Pricing
Customers
- Our Customers
  Our customers are everything. We're super proud to be trusted by leading organizations around the globe to help them improve their security.
- Case Studies
  See how runZero has empowered security teams to take control of their networks, uncover their unknowns, and save significant time and money.
- Testimonials
  Read reviews of the runZero Platform and see how teams have improved their security with our technology.
Featured case study

York University discovered 2.5x more assets with runZero, enabling them to gain clear visibility and reduce risk in an ever-changing environment.

Read the case study
Partners
- Infinity Partner Program
  See how we can work together to provide best-in-class security solutions and outcomes for our joint customers.
- Trusted Advisor Program
  Do you perform project-based consulting services and want to use runZero to deliver great insights? This program is designed for you!
- Partner Directory
  Explore our directory of trusted (and awesome) partners.
- Partner Login
  Login to our Infinity Partner Portal.
Featured partner

Carahsoft and runZero have joined forces to provide Public Sector customers the solutions they need to secure dynamic attack surfaces.

Read more
About
- About Us
  Wondering who the heck are these people? Meet the team and get the story behind runZero... once upon a time called Rumble.
- Events
  Track down runZero Yetis in the wild! Join us in-person or virtually at one of our upcoming events.
- Investors
  Meet the cybersecurity investors, trailblazers, and innovators who help us navigate our journey and the evolving security landscape.
- Newsroom
  Read the latest articles, announcements, and press releases from runZero.
- Careers
  Want to join our forces? We're looking for bright minds and passionate souls who want to write the next chapter in exposure management.
Let’s Hang Out at Hacker Summer Camp!

Viva Las Vegas! Join us at one of the many awesome events happening around town.

Let's Connect

Join us at Hacker Summer Camp in Las Vegas! Let's Connect

Overview
The runZero Platform provides complete security visibility across IT, OT, IoT, cloud, mobile, and remote assets so that you can see and secure everything on your network.
Integrations
runZero seamlessly integrates with a wide variety of tools, enhancing network visibility, enriching asset data, and uncovering control gaps.
Community Edition
Our completely free version of the runZero Platform is ideal for home use and environments with fewer than 100 assets.

Check out our new Research Report

Delve into our findings on the state of security in enterprise infrastructure, revealing alarming gaps and unexpected trends, from network segmentation decay to dark matter accumulation.

Download the Report

runZero Blog
See what's happening at runZero and read up on the latest ideas, opinions, and articles from our experts and researchers.
Rapid Response
Respond to 0-day threats immediately with our prebuilt queries and tips from the runZero Research team.
Resource Center
Dive into a treasure trove of resources to expand your exposure management knowledge.
- Podcasts
- Webcasts
- Talks
- Videos
Support Resources
Everything you need to maximize your experience with the runZero Platform.

Gartner® Peer Insights™ Customers' Choice for CAASM

runZero has been recognized as a Customers’ Choice for cyber asset attack surface management (CAASM) in the 2024 Gartner Voice of the Customer report.

Get the Report

Our Customers
Our customers are everything. We're super proud to be trusted by leading organizations around the globe to help them improve their security.
Case Studies
See how runZero has empowered security teams to take control of their networks, uncover their unknowns, and save significant time and money.
Testimonials
Read reviews of the runZero Platform and see how teams have improved their security with our technology.

Featured case study

York University discovered 2.5x more assets with runZero, enabling them to gain clear visibility and reduce risk in an ever-changing environment.

Read the case study

About Us
Wondering who the heck are these people? Meet the team and get the story behind runZero... once upon a time called Rumble.
Events
Track down runZero Yetis in the wild! Join us in-person or virtually at one of our upcoming events.
Investors
Meet the cybersecurity investors, trailblazers, and innovators who help us navigate our journey and the evolving security landscape.
Newsroom
Read the latest articles, announcements, and press releases from runZero.
Careers
Want to join our forces? We're looking for bright minds and passionate souls who want to write the next chapter in exposure management.

Let’s Hang Out at Hacker Summer Camp!

Viva Las Vegas! Join us at one of the many awesome events happening around town.

Let's Connect

Infinity Partner Program
See how we can work together to provide best-in-class security solutions and outcomes for our joint customers.
Trusted Advisor Program
Do you perform project-based consulting services and want to use runZero to deliver great insights? This program is designed for you!
Partner Directory
Explore our directory of trusted (and awesome) partners.
Partner Login
Login to our Infinity Partner Portal.

Featured partner

Carahsoft and runZero have joined forces to provide Public Sector customers the solutions they need to secure dynamic attack surfaces.

Read more

How to find Ivanti EPMM (MobileIron Core)

Rob King

Updated July 31, 2023, 3:00am EDT

What is Ivanti Endpoint Manager Mobile (EPMM)? #

Ivanti Endpoint Manager Mobile (EPMM) is a mobile management software that helps organizations set policies for mobile devices, applications, and content. It was formerly known as MobileIron Core.

Latest Ivanti Endpoint Manager Mobile (EPMM) vulnerability #

On July 24th, Ivanti announced that their Endpoint Manager Mobile (EPMM, formerly MobileIron Core) product versions 11.10 and prior contain a critical authentication bypass vulnerability. Successfully exploiting this vulnerability would allow an unauthenticated remote attacker to access users’ personally identifiable information (PII) and make changes to the vulnerable server.

There is evidence that this vulnerability is being exploited in the wild.

What is the impact? #

An unauthenticated remote attacker who successfully exploited this vulnerability would be able to retrieve users’ personally identifiable information (PII) and make changes to the vulnerable server. This is due to an authentication bypass vulnerability, meaning that in some cases an attacker can bypass authentication controls.

With a CVSS score of 10.0, this vulnerability is considered critical. There is evidence that this vulnerability is being exploited in the wild and this vulnerability has been added to the CISA Known Exploited Vulnerabilities catalog.

Are updates available? #

Ivanti has released a patch for this vulnerability and issued guidance for customers on how to upgrade.

How do I find potentially vulnerable Ivanti EPMM services with runZero? #

EPMM can be found by navigating to the Services Inventory and using the following pre-built query to locate EPMM services on your network:

_asset.protocol:http AND protocol:http AND html.title:"Ivanti User Portal: Sign In"

Starting with runZero 3.10.10, from the Asset Inventory use the following pre-built query to locate EPMM services on your network:

product:”Ivanti Endpoint Manager Mobile”

Results from the above query should be triaged to determine if they require patching. As always, any prebuilt queries are available from your runZero console. Check out the documentation for other useful inventory queries.

Written by Rob King

Rob King is the Director of Security Research at runZero. Over his career Rob has served as a senior researcher with KoreLogic, the architect for TippingPoint DVLabs, and helped get several startups off the ground. Rob helped design SC Magazine's Data Leakage Prevention Product of the Year for 2010, and was awarded the 3Com Innovator of the Year Award in 2009. He has been invited to speak at BlackHat, Shmoocon, SANS Network Security, and USENIX.

More about Rob King

Related Articles

Rapid Response

How to find PKIX-SSH services on your network

A fork of OpenSSH called PKIX-SSH was impacted by the recently discovered regreSSHion vulnerability. Here's how to find impacted services on your...

Rapid Response

How to find Westermo devices on your network

Westermo has disclosed several vulnerabilities regarding their Lynx Industrial Ethernet switches. Here's how to find them on your network.

Rapid Response

How to find Kaspersky products with runZero

The US government has banned the sale of Kaspersky products and services. Here's how to find Kaspersky products in your network.

Rapid Response

How to find Microsoft Message Queuing (MSMQ) servers on your network

A new pre-auth use-after-free vulnerability in the Microsoft Message Queuing (MSMQ) service is rated critical. Find impacted systems now with runZero.

See Results in Minutes

Get complete visibility into IT, OT, & IoT — without agents, credentials, or hardware.

Try It Free

© Copyright 2024 runZero, Inc. All Rights Reserved