Ivanti Fixes Flaws in Enterprise Mobile Device Management Software | allinfosecnews.com

Aug. 29, 2023, 1:50 p.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news

Ivanti has issued patches for several critical- and high-severity vulnerabilities in its Avalanche enterprise mobile device management platform, including one that could enable unauthenticated, remote attackers to execute code.

While Ivanti released fixes for the seven flaws in version 6.4.1.207 of Avalanche earlier this month, the security advisories detailing these vulnerabilities were released this week. One of the more serious flaws (CVE-2023-32563) exists in the UpdateSkin method of Avalanche, which does not properly validate user-supplied paths for file operations. This …

attackers avalanche code critical device device management enable enterprise fixes flaws high ivanti management mobile mobile device mobile device management patches platform security security advisories severity software unauthenticated version vulnerabilities

More from malware.news / Malware Analysis, News and Indicators - Latest topics

FBI warns of email spoofing by North Korean threat actor Kimsuky 2 hours ago | malware.news

actor article dmarc domains +16

You get a passkey, you get a passkey, everyone should get a passkey 5 hours ago | malware.news

accounts can consumer cracked +10

Attackers evade detection by leveraging Microsoft Graph API 5 hours ago | malware.news

api article attackers cloud +15

Weird Al, Docker, OT, Gitlab, Credit Monitoring, Dropbox, Cisco, AI, Aaran Leyland... - SWN #383 6 hours ago | malware.news

article cisco credit credit monitoring +8

Code faster with generative AI, but beware the risks when you do 6 hours ago | malware.news

article can code coding +13

Proposed Bill Focuses on Voluntary AI Security Incident Reporting 7 hours ago | malware.news

ai security bill companies cybersecurity +21

The impact of automating open source dependency management 7 hours ago | malware.news

article business consuming customer +12

Diffusione di malware Keylogger tramite falsa pagina di Agenzia delle Entrate – PuntoFisco 8 hours ago | malware.news

agenzia delle entrate article cert con +5

Stronger cybersecurity aimed by Menlo Security, Google Cloud collaboration 10 hours ago | malware.news

article cloud collaboration customers +13

Senior Security Engineer - Detection and Response

@ Fastly, Inc. | US (Remote)

View on infosec-jobs.com

Application Security Engineer

@ Solidigm | Zapopan, Mexico

View on infosec-jobs.com

Defensive Cyber Operations Engineer-Mid

@ ISYS Technologies | Aurora, CO, United States

View on infosec-jobs.com

Manager, Information Security GRC

@ OneTrust | Atlanta, Georgia

View on infosec-jobs.com

Senior Information Security Analyst | IAM

@ EBANX | Curitiba or São Paulo

View on infosec-jobs.com

Senior Information Security Engineer, Cloud Vulnerability Research

@ Google | New York City, USA; New York, USA

View on infosec-jobs.com