Ivanti warns of critical flaws in its Avalanche MDM solution – Source: www.bleepingcomputer.com


Ivanti has released security updates to fix 27 vulnerabilities in its Avalanche mobile device management (MDM) solution, two of them critical heap overflows that can be exploited for remote command execution.

Avalanche is used by enterprise admins to remotely manage, deploy software, and schedule updates across large fleets of over 100,000 mobile devices from a single central location.

As the company explained on Wednesday, the two critical security flaws (CVE-2024-24996 and CVE-2024-29204) were found in Avalanche’s WLInfoRailService and WLAvalancheService components.

They’re both caused by heap-based buffer overflow weaknesses, which can let unauthenticated remote attackers execute arbitrary commands on vulnerable systems in low-complexity attacks that don’t require user interaction.

Today, Ivanti also patched 25 medium and high-severity bugs that remote attackers could exploit to trigger denial-of-service attacks, execute arbitrary commands as SYSTEM, read sensitive information from memory, and carry out remote code execution attacks.

“We are not aware of any customers being exploited by these vulnerabilities prior to public disclosure. These vulnerabilities were disclosed through our responsible disclosure program,” the company said in a security advisory published on Tuesday.

“To address the security vulnerabilities listed below, it is highly recommended to download the Avalanche installer and update to the latest Avalanche 6.4.3.”

Customers can find the latest Avalanche 6.4.3 release here and more information regarding upgrade steps in this support article.

Ivanti patched 13 more critical-severity remote code execution vulnerabilities in the Avalanche MDM solution in December after fixing two other critical Avalanche buffer overflows collectively tracked as CVE-2023-32560 in August.

State-affiliated hackers used two zero-day flaws (CVE-2023-35078 and CVE-2023-35081) in Ivanti’s Endpoint Manager Mobile (EPMM), formerly known as MobileIron Core, to breach the networks of multiple Norwegian government organizations one year ago.

Months later, attackers chained a third MobileIron Core zero-day (CVE-2023-35081) with CVE-2023-35078 to also hack into the IT systems of a dozen Norwegian ministries.

“Mobile device management (MDM) systems are attractive targets for threat actors because they provide elevated access to thousands of mobile devices, and APT actors have exploited a previous MobileIron vulnerability,” CISA warned last August.

“Consequently, CISA and NCSC-NO are concerned about the potential for widespread exploitation in government and private sector networks.”

Original Post URL: https://www.bleepingcomputer.com/information/safety/ivanti-warns-of-critical-flaws-in-its-avalanche-mdm-solution/

Author: CISO2CISO Editor 2
Date: 2024-04-16 19:00:28
