April 17, 2024 at 08:48AM
Ivanti, an IT software company, released version 6.4.3 to fix 27 vulnerabilities in its Avalanche MDM product. These include critical-severity bugs allowing remote command execution without authentication. The patches also address high-severity flaws, medium-severity issues, and denial-of-service vulnerabilities. Ivanti recommends all customers update their Avalanche installations promptly to avoid potential exploitation.
Key takeaways:
– Ivanti has announced fixes for 27 vulnerabilities in its Avalanche enterprise mobile device management (MDM) product, including two critical-severity bugs that could lead to command execution.
– The two critical flaws, tracked as CVE-2024-24996 and CVE-2024-29204, are described as heap overflow issues in the WLInfoRailService and WLAvalancheService components of the MDM solution.
– These vulnerabilities can be exploited remotely, without authentication, and have a CVSS score of 9.8.
– The security patches also address multiple high-severity vulnerabilities that could allow remote, unauthenticated attackers to execute commands with System privileges, including path traversal issues, an unrestricted file upload bug, race condition vulnerabilities, a heap overflow bug, and a use-after-free issue, as well as several denial-of-service and medium-severity issues.
– Ivanti has patched all flaws with version 6.4.3 of the Ivanti Avalanche on-premises product, and all supported versions of the MDM solution (versions 6.3.1 and above) are affected, with older releases also possibly at risk.
– Ivanti customers are advised to update their Avalanche installations as soon as possible, as attackers are known to have exploited flaws in Ivanti products even after patches have been released.
– It is noted that none of the resolved vulnerabilities have been exploited in the wild, and other Ivanti products are not affected by these security defects.