US-based software company Ivanti has released security updates to address a zero-day vulnerability used in the recent attacks on the Norwegian government.

The country’s security service (DSS) said on Monday that a threat actor exploited the zero-day flaw to breach 12 ministries. However, the Prime Minister's Office, the Ministry of Defense, the Ministry of Justice, and the Ministry of Foreign Affairs are said to be not impacted by the incident.

The Norwegian authorities revealed that the attackers used the zero-day flaw in the Ivanti Endpoint Manager Mobile (EPMM) software, formerly known as MobileIron Core.

Tracked as CVE-2023-35078, the vulnerability is an improper authentication issue, which could be used by a remote hacker to bypass authentication and gain unauthorized access to the application.

The bug affects all supported versions – Version 11.4 releases 11.10, 11.9 and 11.8. Older versions/releases are also at risk, Ivanti said, noting that they are “only aware of a very limited number of customers that have been impacted.”

System owners are advised to install security updates as soon as possible to ensure they are fully protected.