Mobile Threat Catalogue

Unauthorized Enrollment in MDM


Threat Category: Enterprise Mobility


Threat Description: An attacker enrolls a mobile device into an EMM/MDM without authorization of the device’s owner, which facilitates further attacks against the device or tracking user behavior.

Threat Origin

Mobile Device Mismanagement 1

Exploit Examples

Not Applicable

CVE Examples

Not Applicable

Possible Countermeasures


To increase the difficulty of such an attack, consider EMM/MDM solutions that support enrollment procedures that require users to expressly opt-in to management of their device, such as by issuing one-time enrollment tokens using an out-of-band channel, or requiring enrollment be performed in person


  1. S. Breen, Mobile Device Mismanagement, presented at Blackhat, Aug. 2014; [accessed 8/23/2016]