Security News > 2023 > August > Ivanti Avalanche impacted by critical pre-auth stack buffer overflows

Ivanti Avalanche impacted by critical pre-auth stack buffer overflows
2023-08-15 22:05

Two stack-based buffer overflows collectively tracked as CVE-2023-32560 impact Ivanti Avalanche, an enterprise mobility management solution designed to manage, monitor, and secure a wide range of mobile devices.

The flaws are rated critical and are remotely exploitable without user authentication, potentially allowing attackers to execute arbitrary code on the target system.

An attacker sending specially crafted data packets containing hex strings or a list of decimal strings separated by ";" can cause a buffer overflow due to a fixed-size stack-based buffer used to store the converted data.

Stack-based buffer overflows concern the overwrite of regions allocated on the stack, a memory region that stores the program's local variables and return addresses, making it possible to direct the program to execute malicious code.

Ivanti software is used in critical systems and settings, so threat actors are constantly looking for critical-severity vulnerabilities that constitute potential gateways for attacks.

New PaperCut critical bug exposes unpatched servers to RCE attacks.


News URL

https://www.bleepingcomputer.com/news/security/ivanti-avalanche-impacted-by-critical-pre-auth-stack-buffer-overflows/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2023-08-10 CVE-2023-32560 Out-of-bounds Write vulnerability in Ivanti Avalanche
An attacker can send a specially crafted message to the Wavelink Avalanche Manager, which could result in service disruption or arbitrary code execution. Thanks to a Researcher at Tenable for finding and reporting. Fixed in version 6.4.1.
network
low complexity
ivanti CWE-787
critical
9.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Ivanti 26 0 51 152 75 278