CVEs-PoC/2021/CVE-2021-3540.md

### [CVE-2021-3540](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3540)
![](https://img.shields.io/static/v1?label=Product&message=MobileIron%20Core&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=10.7.0.1-9%3C%3D%2010.7.0.1-9%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-88%20Argument%20Injection%20or%20Modification&color=brighgreen)

### Description

By abusing the 'install rpm info detail' command, an attacker can escape the restricted clish shell on affected versions of Ivanti MobileIron Core. This issue was fixed in version 11.1.0.0.

### POC

#### Reference
- https://www.rapid7.com/blog/post/2021/06/02/untitled-cve-2021-3198-and-cve-2021-3540-mobileiron-shell-escape-privilege-escalation-vulnerabilities/

#### Github
No PoCs found on GitHub currently.