Ivanti has released security updates to fix 13 critical security vulnerabilities in the company’s Avalanche enterprise mobile device management (MDM) solution.
Avalanche allows admins to manage over 100,000 mobile devices from a single, central location over the Internet, deploy software, and schedule updates.
As Ivanti explained on Wednesday, these security flaws are due to WLAvalancheService stack or heap-based buffer overflow weaknesses reported by Tenable security researchers and Trend Micro’s Zero Day Initiative.
Unauthenticated attackers can exploit them in low-complexity attacks that don’t require user interaction to gain remote code execution on unpatched systems.
“An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which can result in a Denial of Service (DoS) or code execution,” Ivanti said in a security advisory.
“To address the security vulnerabilities [..], it is highly recommended to download the Avalanche installer and update to the latest Avalanche 6.4.2. These vulnerabilities impact all supported versions of the products – Avalanche versions 6.3.1 and above. Older versions/releases are also at risk.”
| CVE-ID | Product Affected / Vulnerability |
| --- | --- |
| CVE-2023-41727 | Ivanti Avalanche v6.4.1 WLAvalancheService.exe Unauthenticated Buffer Overflows |
| CVE-2023-46216 | Ivanti Avalanche v6.4.1 WLAvalancheService.exe Unauthenticated Buffer Overflows |
| CVE-2023-46217 | Ivanti Avalanche v6.4.1 WLAvalancheService.exe Unauthenticated Buffer Overflows |
| CVE-2023-46220 | Ivanti Avalanche WLAvalancheService Stack-based Buffer Overflow RCE Vulnerability |
| CVE-2023-46221 | Ivanti Avalanche WLAvalancheService Stack-based Buffer Overflow RCE Vulnerability |
| CVE-2023-46222 | Ivanti Avalanche WLAvalancheService Stack-based Buffer Overflow RCE Vulnerability |
| CVE-2023-46223 | Ivanti Avalanche WLAvalancheService Stack-based Buffer Overflow RCE Vulnerability |
| CVE-2023-46224 | Ivanti Avalanche WLAvalancheService Stack-based Buffer Overflow RCE Vulnerability |
| CVE-2023-46225 | Ivanti Avalanche WLAvalancheService Stack-based Buffer Overflow RCE Vulnerability |
| CVE-2023-46257 | Ivanti Avalanche WLAvalancheService Stack-based Buffer Overflow RCE Vulnerability |
| CVE-2023-46258 | Ivanti Avalanche WLAvalancheService Stack-based Buffer Overflow RCE Vulnerability |
| CVE-2023-46259 | Ivanti Avalanche WLAvalancheService Stack-based Buffer Overflow RCE Vulnerability |
| CVE-2023-46260 | Ivanti Avalanche WLAvalancheService Null Pointer Dereference Denial-of-Service Vulnerability |
| CVE-2023-46261 | Ivanti Avalanche WLInfoRailService Heap-based Buffer Overflow RCE Vulnerability |
The company also patched eight medium- and high-severity bugs that attackers could exploit in denial of service, remote code execution, and server-side request forgery (SSRF) attacks.
All security vulnerabilities disclosed today were addressed in Avalanche v6.4.2.313. More information on upgrading your Avalanche installation is available in this Ivanti support article.
In August, Ivanti fixed two other critical Avalanche buffer overflows tracked collectively as CVE-2023-32560 that could lead to crashes and arbitrary code execution following successful exploitation.
Threat actors chained a third MobileIron Core zero-day (CVE-2023-35081) with CVE-2023-35078 to hack into the IT systems of a dozen Norwegian ministries one month earlier.
Four months earlier, in April, state-affiliated hackers used two other zero-day flaws (CVE-2023-35078 and CVE-2023-35081) in Ivanti’s Endpoint Manager Mobile (EPMM), formerly MobileIron Core, to infiltrate the networks of multiple Norwegian government organizations.
“Mobile device management (MDM) systems are attractive targets for threat actors because they provide elevated access to thousands of mobile devices, and APT actors have exploited a previous MobileIron vulnerability,” CISA warned at the time.
“Consequently, CISA and NCSC-NO are concerned about the potential for widespread exploitation in government and private sector networks.”