Two stack-based buffer overflows collectively tracked as CVE-2023-32560 impact Ivanti Avalanche, an enterprise mobility management (EMM) solution designed to manage, monitor, and secure a wide range of mobile devices.
The flaws are rated critical (CVSS v3: 9.8) and are remotely exploitable without user authentication, potentially allowing attackers to execute arbitrary code on the target system.
The vulnerability impacts WLAvalancheService.exe version 220.127.116.11 and older, which receives communications over TCP port 1777.
An attacker sending specially crafted data packets containing hex strings (type 3) or a list of decimal strings separated by ";" (type 9) can cause a buffer overflow because a fixed-size stack-based buffer is used to store the converted data.
A buffer overflow is a type of security problem where a program writes more data to an adjacent memory block (buffer) than it can hold, overwriting those locations and causing program crashes or arbitrary code execution.
Stack-based buffer overflows overwrite regions allocated on the stack, a memory region that stores the program's local variables and return addresses, making it possible to direct the program to execute malicious code.
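The missing check behind this bug class is a bound on the converted output before it is written to the fixed-size buffer. The C sketch below is an added example, not Ivanti's code or anything from the advisory: the function names, the one-byte-per-element interpretation of the decimal list, and the sample inputs are assumptions made for illustration.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>

/* Hypothetical helpers (not Ivanti's code). Both return 0 on success and -1
 * when the input is malformed or would not fit in `cap` bytes. */
static int hexval(char c) {
    if (c >= '0' && c <= '9') return c - '0';
    if (c >= 'a' && c <= 'f') return c - 'a' + 10;
    if (c >= 'A' && c <= 'F') return c - 'A' + 10;
    return -1;
}

/* Hex-string item: "41424344" -> bytes. Size is validated before any write. */
int decode_hex(const char *in, size_t in_len, uint8_t *out, size_t cap, size_t *n) {
    if (in_len % 2 != 0 || in_len / 2 > cap) return -1;
    for (size_t i = 0; i < in_len; i += 2) {
        int hi = hexval(in[i]), lo = hexval(in[i + 1]);
        if (hi < 0 || lo < 0) return -1;          /* non-hex character */
        out[i / 2] = (uint8_t)((hi << 4) | lo);
    }
    *n = in_len / 2;
    return 0;
}

/* Decimal-list item: "65;66;67" -> bytes (assumed: one element = one byte). */
int decode_decimal_list(const char *in, uint8_t *out, size_t cap, size_t *n) {
    size_t count = 0;
    const char *p = in;
    while (*p != '\0') {
        char *end;
        if (*p < '0' || *p > '9') return -1;      /* sign, space or empty element */
        errno = 0;
        unsigned long v = strtoul(p, &end, 10);
        if (errno != 0 || v > 255) return -1;     /* element does not fit a byte */
        if (count >= cap) return -1;              /* destination is full: stop */
        out[count++] = (uint8_t)v;
        if (*end == ';') { p = end + 1; if (*p == '\0') return -1; }
        else if (*end == '\0') p = end;
        else return -1;                           /* unexpected separator */
    }
    *n = count;
    return 0;
}

/* Constructed sample input; exit status 0 means the item was accepted. */
int main(void) { uint8_t b[4]; size_t n; return decode_hex("41424344", 8, b, sizeof b, &n); }
```

Both decoders take the destination capacity as a parameter and reject oversized input instead of truncating it, so a caller cannot mistake a partial conversion for a valid one.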
The issues were discovered by Tenable researchers and reported to Ivanti on April 4, 2023, while a proof-of-concept was shared with the vendor on April 13, 2023.
After extending the disclosure window to allow the vendor more time to address the issues, a security update was released on August 3, 2023, with Avalanche version 6.4.1.
In addition to CVE-2023-32560, Avalanche version 6.4.1 also fixes CVE-2023-32561, CVE-2023-32562, CVE-2023-32563, CVE-2023-32564, CVE-2023-32565, and CVE-2023-32566, which concern various authentication bypass and remote code execution flaws.
Ivanti software is used in critical systems and settings, so threat actors are constantly looking for critical-severity vulnerabilities that constitute potential gateways for attacks.
Last month, it was revealed that hackers exploited a zero-day authentication bypass vulnerability (CVE-2023-35078) in Ivanti Endpoint Manager Mobile (EPMM) to breach a platform used by twelve ministries of the Norwegian government, accessing potentially sensitive and classified information.