Friday, December 22, 2023

Ivanti releases patches for 13 critical Avalanche RCE flaws


Ivanti has released security updates to fix 13 critical security vulnerabilities in the company's Avalanche enterprise mobile device management (MDM) solution.

Avalanche allows admins to manage over 100,000 mobile devices from a single, central location over the Internet, deploy software, and schedule updates.

As Ivanti explained on Wednesday, these security flaws are due to WLAvalancheService stack or heap-based buffer overflow weaknesses reported by Tenable security researchers and Trend Micro's Zero Day Initiative.

Unauthenticated attackers can exploit them in low-complexity attacks that don't require user interaction to gain remote code execution on unpatched systems.

"An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result in a Denial of Service (DoS) or code execution," Ivanti said in a security advisory.

"To address the security vulnerabilities [..], it is highly recommended to download the Avalanche installer and update to the latest Avalanche 6.4.2. These vulnerabilities impact all supported versions of the products – Avalanche versions 6.3.1 and above. Older versions/releases are also at risk."

CVE-ID Product Affected / Vulnerability
CVE-2023-41727 Ivanti Avalanche v6.4.1 WLAvalancheService.exe Unauthenticated Buffer Overflows
CVE-2023-46216 Ivanti Avalanche v6.4.1 WLAvalancheService.exe Unauthenticated Buffer Overflows
CVE-2023-46217 Ivanti Avalanche v6.4.1 WLAvalancheService.exe Unauthenticated Buffer Overflows
CVE-2023-46220 Ivanti Avalanche WLAvalancheService Stack-based Buffer Overflow RCE Vulnerability
CVE-2023-46221 Ivanti Avalanche WLAvalancheService Stack-based Buffer Overflow RCE Vulnerability
CVE-2023-46222 Ivanti Avalanche WLAvalancheService Stack-based Buffer Overflow RCE Vulnerability
CVE-2023-46223 Ivanti Avalanche WLAvalancheService Stack-based Buffer Overflow RCE Vulnerability
CVE-2023-46224 Ivanti Avalanche WLAvalancheService Stack-based Buffer Overflow RCE Vulnerability
CVE-2023-46225 Ivanti Avalanche WLAvalancheService Stack-based Buffer Overflow RCE Vulnerability
CVE-2023-46257 Ivanti Avalanche WLAvalancheService Stack-based Buffer Overflow RCE Vulnerability
CVE-2023-46258 Ivanti Avalanche WLAvalancheService Stack-based Buffer Overflow RCE Vulnerability
CVE-2023-46259 Ivanti Avalanche WLAvalancheService Stack-based Buffer Overflow RCE Vulnerability
CVE-2023-46260 Ivanti Avalanche WLAvalancheService Null Pointer Dereference Denial-of-Service Vulnerability
CVE-2023-46261 Ivanti Avalanche WLInfoRailService Heap-based Buffer Overflow RCE Vulnerability

The company also patched eight medium- and high-severity bugs that attackers could exploit in denial of service, remote code execution, and server-side request forgery (SSRF) attacks.

All security vulnerabilities disclosed today have been addressed in Avalanche v6.4.2.313. More information on upgrading your Avalanche installation is available in this Ivanti support article.
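A defender can turn the fixed build number above into a quick inventory triage. The following is an added example, not code from Ivanti or from the original article; the `hostname,version` inventory format, the host names and the sample versions are constructed, and treating a version reported without a build number as unconfirmed is an assumption.

```python
import re

# Fixed build named in the article; anything below it is treated as unpatched.
FIXED_BUILD = (6, 4, 2, 313)

def parse_version(text):
    """Return a tuple of ints for '6.4.1.207' or 'v6.4.2', or None if unparseable."""
    m = re.fullmatch(r"v?(\d+(?:\.\d+){1,3})", text.strip(), re.IGNORECASE)
    return tuple(int(p) for p in m.group(1).split(".")) if m else None

def classify(version_text):
    """Classify one reported Avalanche version against the fixed build."""
    v = parse_version(version_text)
    if v is None:
        return "unknown"
    if len(v) < 4:
        # No build number reported: only a prefix comparison is possible.
        prefix = FIXED_BUILD[:len(v)]
        if v < prefix:
            return "vulnerable"
        if v > prefix:
            return "patched"
        # Assumption: a bare "6.4.2" cannot be confirmed as build 313 or later.
        return "verify-build"
    return "patched" if v >= FIXED_BUILD else "vulnerable"

def triage(inventory_lines):
    """Map hostname -> status for 'hostname,version' lines (hypothetical format)."""
    results = {}
    for line in inventory_lines:
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        host, _, version = line.partition(",")
        results[host.strip()] = classify(version)
    return results

# Constructed sample inventory; host names and versions are illustrative only.
SAMPLE_INVENTORY = [
    "# hostname,version",
    "mdm-01,6.4.1.207",
    "mdm-02,v6.4.2.313",
    "mdm-03,6.4.2",
    "mdm-04,6.3.1",
    "mdm-05,n/a",
]

if __name__ == "__main__":
    for host, status in triage(SAMPLE_INVENTORY).items():
        print(f"{host:10} {status}")
```

Hosts reported as `verify-build` or `unknown` need the installed build checked on the server itself before they are counted as patched.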

In August, Ivanti fixed two other critical Avalanche buffer overflows tracked collectively as CVE-2023-32560 that could lead to crashes and arbitrary code execution following successful exploitation.

Threat actors chained a third MobileIron Core zero-day (CVE-2023-35081) with CVE-2023-35078 to hack into the IT systems of a dozen Norwegian ministries one month earlier.

Four months earlier, in April, state-affiliated hackers used two other zero-day flaws (CVE-2023-35078 and CVE-2023-35081) in Ivanti's Endpoint Manager Mobile (EPMM), formerly MobileIron Core, to infiltrate the networks of multiple Norwegian government organizations.

"Mobile device management (MDM) systems are attractive targets for threat actors because they provide elevated access to thousands of mobile devices, and APT actors have exploited a previous MobileIron vulnerability," CISA warned at the time.

"Consequently, CISA and NCSC-NO are concerned about the potential for widespread exploitation in government and private sector networks."


