CVE-2023-32560

CVSS 8.8 HIGHEPSS 98.9%CWE-20 CWE-787

In short

Wavelink Avalanche Manager has a flaw where specially crafted messages can crash the service or allow attackers to run unauthorized code on the system. This is dangerous because it affects a management tool that controls critical infrastructure.

Technical detail

The vulnerability stems from improper input validation (CWE-20) and a buffer overflow (CWE-787) in the Wavelink Avalanche Manager message handling. An attacker can send a malicious message to trigger denial of service or achieve remote code execution. The flaw was patched in version 6.4.1.

Summary generated and translated by AI from the official description.

An attacker can send a specially crafted message to the Wavelink Avalanche Manager, which could result in service disruption or arbitrary code execution. Thanks to a Researcher at Tenable for finding and reporting. Fixed in version 6.4.1.

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products

Ivanti · Avalanche

public PoCs found — 5

githubgithub.com/x0rb3l/CVE-2023-32560★ 0 githubgithub.com/idkwastaken/CVE-2023-32560★ 0 cve_referencepacketstormsecurity.com/files/174459/Ivanti-Avalance-Remote-Code-Execution.htmlunverified cve_referencepacketstormsecurity.com/files/174698/Ivanti-Avalanche-MDM-Buffer-Overflow.htmlunverified exploitdbwww.exploit-db.com/exploits/51699unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://packetstormsecurity.com/files/174459/Ivanti-Avalance-Remote-Code-Execution.html http://packetstormsecurity.com/files/174698/Ivanti-Avalanche-MDM-Buffer-Overflow.html https://forums.ivanti.com/s/article/Avalanche-Vulnerabilities-Addressed-in-6-4-1?language=en_US