all InfoSec news
Ivanti Fixes Flaws in Enterprise Mobile Device Management Software
Malware Analysis, News and Indicators - Latest topics malware.news
Ivanti has issued patches for several critical- and high-severity vulnerabilities in its Avalanche enterprise mobile device management platform, including one that could enable unauthenticated, remote attackers to execute code.
While Ivanti released fixes for the seven flaws in version 6.4.1.207 of Avalanche earlier this month, the security advisories detailing these vulnerabilities were released this week. One of the more serious flaws (CVE-2023-32563) exists in the UpdateSkin method of Avalanche, which does not properly validate user-supplied paths for file operations. This …
attackers avalanche code critical device device management enable enterprise fixes flaws high ivanti management mobile mobile device mobile device management patches platform security security advisories severity software unauthenticated version vulnerabilities