The UK National Cyber Security Centre (NCSC) issued an alert urging organizations to address the critical CVE-2020-15505 RCE vulnerability in MobileIron mobile device management (MDM) systems. The vulnerability was discovered in March by the security researcher Orange Tsai, and MobileIron addressed it in June. The US National Security Agency included the same vulnerability in the list of the top 25 vulnerabilities exploited by Chinese state-sponsored hacking groups in attacks in the wild. The NCSC is aware of threat actors actively using the MobileIron vulnerability to compromise the networks in multiple sectors, including the healthcare, local government, logistics, and legal sectors.”]
Source: https://securityaffairs.co/wordpress/111426/uncategorized/mobileiron-cve-2020-15505-alert.html