Security News > 2023 > August > Ivanti Avalanche impacted by critical pre-auth stack buffer overflows
Two stack-based buffer overflows collectively tracked as CVE-2023-32560 impact Ivanti Avalanche, an enterprise mobility management solution designed to manage, monitor, and secure a wide range of mobile devices.
The flaws are rated critical and are remotely exploitable without user authentication, potentially allowing attackers to execute arbitrary code on the target system.
An attacker sending specially crafted data packets containing hex strings or a list of decimal strings separated by ";" can cause a buffer overflow due to a fixed-size stack-based buffer used to store the converted data.
Stack-based buffer overflows concern the overwrite of regions allocated on the stack, a memory region that stores the program's local variables and return addresses, making it possible to direct the program to execute malicious code.
Ivanti software is used in critical systems and settings, so threat actors are constantly looking for critical-severity vulnerabilities that constitute potential gateways for attacks.
New PaperCut critical bug exposes unpatched servers to RCE attacks.
News URL
Related news
- Ivanti fixes critical vulnerabilities in Endpoint Management (CVE-2024-29847) (source)
- Exploit code released for critical Ivanti RCE flaw, patch now (source)
- Ivanti warns of another critical CSA flaw exploited in attacks (source)
- Critical Ivanti Cloud Appliance Vulnerability Exploited in Active Cyberattacks (source)
- Critical Ivanti vTM auth bypass bug now exploited in attacks (source)
- CISA Flags Critical Ivanti vTM Vulnerability Amid Active Exploitation Concerns (source)
- Critical Ivanti RCE flaw with public exploit now used in attacks (source)
- Critical Ivanti Endpoint Manager flaw exploited (CVE-2024-29824) (source)
- Zero-Day Alert: Three Critical Ivanti CSA Vulnerabilities Actively Exploited (source)
- CISA adds fresh Ivanti vuln, critical Fortinet bug to hall of shame (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-10 | CVE-2023-32560 | Out-of-bounds Write vulnerability in Ivanti Avalanche An attacker can send a specially crafted message to the Wavelink Avalanche Manager, which could result in service disruption or arbitrary code execution. Thanks to a Researcher at Tenable for finding and reporting. Fixed in version 6.4.1. | 9.8 |