Critical Vulnerabilities in Ivanti Avalanche
16 August 2023
Ivanti has released security updates to address several critical vulnerabilities in Ivanti Avalanche, an enterprise mobility management (EMM) solution.
The critical vulnerabilities are:
CVE-2023-32560: Successful exploitation of this vulnerability could allow an attacker to send a specially crafted message to the Wavelink Avalanche Manager, resulting in service disruption or arbitrary code execution.
CVE-2023-32561: Successful exploitation of this vulnerability could lead to an authentication bypass.
CVE-2023-32562 and CVE-2023-32564: Successful exploitation of these vulnerabilities could allow an unrestricted file upload to achieve remote code execution.
CVE-2023-32563: Successful exploitation of this vulnerability could allow an unauthenticated attacker to achieve code execution through a Remote Control server.
CVE-2023-32565 and CVE-2023-32566: Successful exploitation of these vulnerabilities could allow an attacker to send a specially crafted request that could lead to leakage of sensitive data or a resource-based denial-of-service attack.
These vulnerabilities affect Ivanti Avalanche versions 6.4.0 and older.
Users and administrators of affected product versions are advised to upgrade to the latest version immediately.
More information is available here:
https://forums.ivanti.com/s/article/Avalanche-Vulnerabilities-Addressed-in-6-4-1?language=en_US