Norwegian and US cybersecurity agencies confirmed that the vulnerability affecting Ivanti Endpoint Manager Mobile "allowed advanced persistent threat actors...to gather information from several Norwegian organizations, and gain access to and compromise a Norwegian government agency's network from at least April".

A joint cybersecurity advisory was issued on August 1 and can be read in full here.

The US Cybersecurity and Infrastructure Security Agency and Norway's National Cyber Security Centre said: "Mobile device management systems are attractive targets for threat actors because they provide elevated access to thousands of mobile devices."

Ivanti has released patches for the vulnerabilities already, on July 23 and July 28, Bloomberg reported.

The news comes just weeks after it was reported that Chinese hackers had accessed the email of a U.S. ambassador and had compromised "hundreds of thousands" of U.S. government emails.