all InfoSec news
Multiple Vulnerabilities in Ivanti Avalanche Could Allow for Remote Code Execution
Center for Internet Security - Multi-State Information Sharing and Analysis Center www.cisecurity.org
Multiple vulnerabilities have been discovered in Ivanti Avalanche, the most severe of which could allow for remote code execution. Ivanti Avalanche is a mobile device management system. Network security features allow one to manage wireless settings (including encryption and authentication), and apply those settings on a schedule throughout the network. Successful exploitation could allow for remote code execution in the context of the system. Depending on the privileges associated with the system, an attacker could then install programs; view, change, …
authentication avalanche code code execution device device management encryption features ivanti ivanti avalanche manage management management system mobile mobile device mobile device management network network security remote code remote code execution schedule security security features settings system vulnerabilities wireless