Ivanti Avalanche Critical Buffer Overflow Vulnerabilities: CVE-2023-32560 | allinfosecnews.com

Aug. 16, 2023, 10:25 a.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news

Two critical vulnerabilities, collectively identified as CVE-2023-32560, have been discovered within Ivanti Avalanche, an enterprise mobility management (EMM) solution responsible for managing, monitoring, and securing various mobile devices.

The flaws have been classified as critical (CVSS v3: 9.8) and can be exploited remotely without requiring user authentication. This potentially enables malicious actors to execute arbitrary code on the targeted system.

Vulnerability card for CVE-2023-32560 (SOCRadar Vulnerability Intelligence Module)

Affected Versions and Exploitation of Ivanti Avalanche Vulnerabilities

The vulnerability …

authentication avalanche buffer buffer overflow classified critical critical vulnerabilities cve cvss devices emm enterprise enterprise mobility enterprise mobility management exploited flaws ivanti ivanti avalanche malicious malicious actors management mobile mobile devices mobility monitoring overflow responsible solution vulnerabilities

More from malware.news / Malware Analysis, News and Indicators - Latest topics

Leveling the cybersecurity playing field 2 hours ago | malware.news

article blumira cybersecurity entry +4

Hardware cybersecurity leader, Flexxon, introduces Server Defender 2 hours ago | malware.news

advanced article cybersecurity defender +8

Automated pentesting in the cloud 2 hours ago | malware.news

article automated challenge cloud +10

How to revamp your cybersecurity in the middle of the chaos 2 hours ago | malware.news

article attackers chaos cybersecurity +8

6K-plus AI models may be affected by critical RCE vulnerability 4 hours ago | malware.news

ai models article attacks critical +14

Zscaler annual phishing report finds a near 60% increase in phishing attacks in 2023 5 hours ago | malware.news

article attacks link media +6

Microsoft, North Korea, Santander, CISA, Deepfakes, Aaran Leyland & More - SWN #387 6 hours ago | malware.news

amp article cisa deepfakes +8

Exploring Adlumin's Impactful Role in SMB Cybersecurity with CEO Robert Johnson and NightDragon's Dave DeWalt 6 hours ago | malware.news

2024 rsa conference adlumin ceo challenges +22

Malicious Life Podcast: Unmasking Secrets: The Rise of Open-Source Intelligence 7 hours ago | malware.news

airlines data dive episode +19

Information Security Engineers

@ D. E. Shaw Research | New York City

View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada

View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA

View on infosec-jobs.com

Cloud Security Engineer

@ City National Bank of Florida | Miami, FL, United States

View on infosec-jobs.com

Principal Security Engineer

@ VIANT | New York City

View on infosec-jobs.com

Associate Detection & Response Analyst

@ Rapid7 | VA Arlington 22203

View on infosec-jobs.com