Security News > 2023 > August > Ivanti Avalanche vulnerable to attack by unauthenticated, remote attackers (CVE-2023-32560)
Two stack-based buffer overflow bugs have been discovered in Ivanti Avalanche, an enterprise mobility management solution.
Ivanti released Avalanche version 6.4.1 security update on August 3, 2023, which also fixes additional RCE and authentication bypass vulnerabilities.
The widespread implementation of Ivanti's solutions has drawn the attention of malicious actors, seeking to exploit potential vulnerabilities and gain unauthorized access to valuable corporate data.
We have recently reported about three vulnerabilities affecting Ivanti Endpoint Manager Mobile.
CVE-2023-35078 - an authentication bypass vulnerability - has been used in conjunction with CVE-2023-35081 - a remote arbitrary file write vulnerability - to breach 12 Norwegian ministries.
CVE-2023-35082 - a remote unauthenticated API access vulnerability - could allow a remote unauthenticated threat actor to access users' PII in older MobileIron Core versions and make changes to the server.
News URL
https://www.helpnetsecurity.com/2023/08/16/cve-2023-32560/
Related news
- Ivanti warns high severity CSA flaw is now exploited in attacks (source)
- Ivanti warns of another critical CSA flaw exploited in attacks (source)
- Critical Ivanti vTM auth bypass bug now exploited in attacks (source)
- Ivanti vTM auth bypass flaw exploited in attacks, CISA warns (CVE-2024-7593) (source)
- Critical Flaws in Tank Gauge Systems Expose Gas Stations to Remote Attacks (source)
- Critical Ivanti RCE flaw with public exploit now used in attacks (source)
- Ivanti warns of three more CSA zero-days exploited in attacks (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-15 | CVE-2023-35082 | Improper Authentication vulnerability in Ivanti Endpoint Manager Mobile An authentication bypass vulnerability in Ivanti EPMM 11.10 and older, allows unauthorized users to access restricted functionality or resources of the application without proper authentication. | 9.8 |
| 2023-08-03 | CVE-2023-35081 | Path Traversal vulnerability in Ivanti Endpoint Manager Mobile A path traversal vulnerability in Ivanti EPMM versions (11.10.x < 11.10.0.3, 11.9.x < 11.9.1.2 and 11.8.x < 11.8.1.2) allows an authenticated administrator to write arbitrary files onto the appliance. | 7.2 |
| 2023-07-25 | CVE-2023-35078 | Improper Authentication vulnerability in Ivanti Endpoint Manager Mobile An authentication bypass vulnerability in Ivanti EPMM allows unauthorized users to access restricted functionality or resources of the application without proper authentication. | 9.8 |