New SureMDM Vulnerabilities Could Expose Companies to Supply Chain Attacks
Feb 01, 2022
A number of security vulnerabilities have been disclosed in 42 Gears' SureMDM device management solution that could be weaponized by attackers to perform a supply chain compromise against affected organizations. Cybersecurity firm Immersive Labs, in a technical write-up detailing the findings, said that 42Gears released a series of updates between November 2021 and January 2022 to close out multiple flaws affecting both the platform's Linux agent and the web console. The India-based company's SureMDM is a cross-platform mobile device management service that allows enterprises to remotely monitor, manage, and secure a fleet of company-owned systems for dedicated-use and employee-owned devices. 42Gears claims that SureMDM is used by over 10,000 companies worldwide. The issues identified in the web dashboard are also of critical in nature, potentially allowing an attacker to gain code execution over individual devices, desktops, or servers. Further...
