Ivanti Avalanche Flaw Let Attackers Execute Remote Code
Ivanti Avalanche has been reported with so much of vulnerabilities ranging between Medium to High severity. Vulnerabilities comprise Arbitrary file upload remote code execution, Authentication bypass, Buffer Overflow, and Directory Traversal remote code execution.
Ivanti Avalanche is a cell machine administration machine that can even additionally be faded to administer units over the Web from a centralized discipline. It would also additionally be faded to observe additional indispensable aspects in regards to the machine esteem battery vitality or discipline and organize Wi-Fi and various settings.
Ivanti has released a patched version for fixing this vulnerability.
CVE(s):
CVE-2023-32560: Ivanti Avalanche WLAvalancheService.exe Unauthenticated Stack-basically based completely mostly Buffer Overflows
Here is an Out-of-bounds write and a stack-basically based completely mostly buffer overflow vulnerability which can even additionally be exploited by a threat actor by sending a specially crafted message to the Avalanche Manager that outcomes in provider disruption or arbitrary code execution.
The CVSS ranking for this vulnerability is given as 9.8 (Serious) by NVD.
CVE-2023-32561: Ivanti Avalanche dumpHeap Incorrect Permission Project Authentication Bypass Vulnerability
This vulnerability exists within the dumpHeap contrivance resulting from erroneous permission assignment. An attacker can exploit this vulnerability to read an artifact that became previously generated by the administrator which can even result in authentication bypass.
The CVSS ranking for this vulnerability is given as 7.5 (High) by NVD.
CVE-2023-32562: Ivanti Avalanche FileStoreConfig Arbitrary File Add Some distance off Code Execution Vulnerability
This vulnerability exists within the FileStoreConfig endpoint which can even additionally be exploited by a threat actor by importing a uncertain file form in Avalanche versions 6.3.x and below leading to remote code execution. The CVSS ranking for this vulnerability is given as 9.8 (Serious) by NVD.
CVE-2023-32563: Ivanti Avalanche updateSkin Directory Traversal Some distance off Code Execution Vulnerability
This vulnerability exists within the updateSkin contrivance which is resulting from the dearth of upright validation of a particular person-supplied path.
An attacker can affect remote code execution by the usage of this vulnerability and executing instructions as SYSTEM. The CVSS ranking for this vulnerability is given as 9.8 (Serious) by NVD.
CVE-2023-32564: Ivanti Avalanche FileStoreConfig Arbitrary File Add Some distance off Code Execution Vulnerability
This vulnerability is resulting from harmful validation of particular person-supplied info within the FileStoreConfig app permitting threat actors to upload arbitrary recordsdata leading to remote code execution.
The CVSS ranking for this vulnerability is given as 9.8 (Serious) by NVD.
CVE-2023-32565: Ivanti Avalanche SecureFilter Explain-Form Authentication Bypass Vulnerability
This vulnerability exists within the SecureFilter resulting from the harmful exercise of Explain-form HTTP header in authorization login which can even additionally be faded by a threat actor to avoid authentication common sense.
The CVSS ranking for this vulnerability is given as 9.1 (Serious).
CVE-2023-32566: Ivanti Avalanche SecureFilter allowPassThrough Authentication Bypass Vulnerability
This vulnerability exists within the allowPassThrough contrivance resulting from erroneous matching of strings right via authorization leading to an authentication bypass.
The CVSS ranking for this vulnerability is given as 9.1 (Serious).
Users of Ivanti Avalanche are instructed to upgrade to per chance the most unique version for patching these vulnerabilities and stopping them from getting exploited by threat actors.
Source credit : cybersecuritynews.com