With a concerning CVSS score of 9.8, the serious security flaws affecting Ivanti Avalanche, a popular business mobile device management system used by almost 30,000 organizations, have been grouped under the tracking identifier CVE-2023-32560. These flaws primarily affect WLAvanacheServer.exe v22.214.171.124 of Ivanti Avalanche and manifest as stack-based buffer overflows.
These flaws stem from the improper handling of specific data formats, which can allow a remote, unauthenticated attacker to exploit buffer overflows. The attacker can make the buffer overflow by entering a long type 9 item or a long hex string. These problems have serious consequences because successful exploitation can provide remote adversaries access to run arbitrary code or cause a system to crash, jeopardizing the reliability and functioning of vulnerable systems.
It is possible to alter a program’s execution to run arbitrary code, frequently allowing elevated privileges and unauthorized access, by exploiting stack-based buffer overflow vulnerabilities. These vulnerabilities occur when the buffer stored in the stack is rewritten.
Ivanti swiftly released Avalanche version 6.4.1 to address these serious vulnerabilities in April 2023. In addition to the aforementioned stack-based buffer overflow vulnerability (CVE-2023-32560), this update also fixes six more weaknesses (CVE-2023-32561 through CVE-2023-32566) that present the danger of remote code execution and authentication bypass.
It is critical for users to quickly apply the suggested updates given the current spike in investigations into security flaws in Ivanti software. To reduce potential threats and improve the general security posture of the impacted systems, timely implementation of these upgrades is crucial.