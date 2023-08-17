Ivanti patches MDM vulnerabilities

By

Buffer overflows lead to RCE.

Ivanti has patched a number of vulnerabilities in its Avalanche mobile device manager product, reported by security researchers from the Zero Day Initiative (ZDI) and Tenable Security.

Ivanti patches MDM vulnerabilities

Tenable’s contribution was given the identifier CVE-2023-32560, and is a collection of stack-based buffer overflows in Avalanche WLAvanacheServer.exe v6.4.0.0.

The vulnerabilities are rated critical, with a CVSS score of 9.8, because they leave the software vulnerable to remote code execution (RCE) by unauthenticated attackers.

A further six vulnerabilities, one of which also has a CVSS score of 9.8, were reported to Ivanti by the ZDI.

The critical vulnerability, CVE-2023-32563, is a directory traversal bug in Avalanche’s updateSkin function which can also be exploited for unauthenticated RCE.

“The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations,” the ZDI researchers wrote. 

“An attacker can leverage this vulnerability to execute code in the context of SYSTEM.”

CVE-2023-32561 is an authentication bypass bug with a CVSS score of 8.1.

“The specific flaw exists within the dumpHeap method," the ZDI researchers wrote. 

“The issue results from an incorrect permission assignment. An attacker can leverage this vulnerability to bypass authentication on the system.”

The remaining lower-rated vulnerabilities are in Avalanche SecureFilter (CVE-2023-32566 and CVE-2023-32565); and an arbitrary file upload bug (CVE-2023-32564 and CVE-2023-32562).

Ivanti has patched the bugs in Avalanche 6.4.1.207.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:
ivantisecuritytenable securityzdizero day initiative

Sponsored Whitepapers

Unveiling the Invisible Threat: Mastering the Art of Conveying Cyber Risks to Boards
Unveiling the Invisible Threat: Mastering the Art of Conveying Cyber Risks to Boards
Transforming Your Business
Transforming Your Business
Operational Excellence Through System Modernisation
Operational Excellence Through System Modernisation
The Complete Cloud Security Buyer's Guide
The Complete Cloud Security Buyer's Guide
The Complete MDR Buyer's Guide
The Complete MDR Buyer's Guide

Most Read Articles

Clorox says certain business operations disrupted in cyber attack

Clorox says certain business operations disrupted in cyber attack
Most VPNs can be tricked into leaking traffic

Most VPNs can be tricked into leaking traffic
US congressman says Chinese spies hacked his emails

US congressman says Chinese spies hacked his emails
IAG used keystroke logging to investigate productivity of remote worker

IAG used keystroke logging to investigate productivity of remote worker

Digital Nation

More than half of loyalty members concerned about their data
More than half of loyalty members concerned about their data
COVER STORY: What AI regulation might look like in Australia
COVER STORY: What AI regulation might look like in Australia
Health tech startup Kismet raises $4m in pre-seed funding
Health tech startup Kismet raises $4m in pre-seed funding
DeepAI founder on the risks of artificial intelligence
DeepAI founder on the risks of artificial intelligence
How eBay uses interaction analytics to improve CX
How eBay uses interaction analytics to improve CX

Log In

  |  Forgot your password?