Free practical cybersecurity guidance for organisations without a security team.
hello@actionsoncyber.com
← Back to Vulnerability Briefs

Critical Security Flaw Found in Ivanti MobileIron Software

A serious security weakness has been found in certain versions of Ivanti MobileIron software that could let attackers take control of affected systems remotely. This matters because it could allow unauthorised access to your business devices or data if the software is in use.

13 June 2026

Reference: CVE-2020-15505

1. What is being reported?

The report covers a remote code execution vulnerability in specific versions of Ivanti MobileIron Core, Connector, Sentry, and Monitor software. This means attackers could run harmful commands on your systems without permission, potentially causing damage or stealing information.

2. What this means in plain English

For a small organisation, this vulnerability could allow hackers to break into your IT systems remotely if you use the affected Ivanti software versions. This could lead to data loss, disruption of services, or unauthorised access to sensitive information.

3. Could this affect a small business?

If your business uses Ivanti MobileIron products listed in the report, especially older versions, you could be at risk. If you do not use these products, or your software is up to date beyond the affected versions, you are likely not affected.

4. What to do now

  • Check with your IT provider whether your Ivanti MobileIron software is one of the affected versions.
  • If affected, arrange to update or patch the software to a secure version as soon as possible.
  • Ensure your IT provider monitors your systems for any unusual activity that could indicate an attack.
  • Review your overall security practices to reduce the risk of unauthorised access.

5. Ask your IT provider

Can you confirm if our Ivanti MobileIron software is affected by the CVE-2020-15505 vulnerability, and if so, what steps are being taken to secure it?

6. Bottom line

If you use Ivanti MobileIron software, act quickly to check and update it to protect your business from remote attacks.

Information based on NVD, CISA KEV, and reputable security reports.

Back to Vulnerability Briefs