2 min Security

Ivanti fixes 14 critical vulnerabilities in Avalanche MDM solution

Ivanti fixes 14 critical vulnerabilities in Avalanche MDM solution

Ivanti recently patched as many as fourteen critical security vulnerabilities in its enterprise MDM solution Avalanche. These vulnerabilities allowed hackers to easily execute code remotely without the need for end-user interaction.

Ivanti discovered as many as 20 security vulnerabilities in its Avalanche MDM solution in total. Avalanche is an MDM solution that allows companies to manage these devices, install software and schedule updates to more than 100,000 mobile devices from a single location online.

Of the vulnerabilities discovered, 14 were defined as truly critical. The now-fixed critical vulnerabilities focused mainly on the so-called WLAvalancheService stack or a so-called heap-based buffer overflow vulnerability.

This allows unauthorized hackers to perform easy attacks that do not require interaction with end users. Ultimately, this allows them to remotely run code on affected systems.

Most recent version patches problems

More specifically, the critical vulnerabilities now found in Avanti Avalanche allow hackers to send specially crafted data packets to the Mobile Device Server. There, they can cause “memory corruption,” which in turn leads to a Denial of Service (DoS) or being able to execute arbitrary code. All problems have been fixed with the release of the latest version of Ivanti Avalanche, version 6.4.2.

Ivanti software vulnerabilities in 2023

The recent security vulnerabilities are not the first vulnerabilities Ivanti has faced this year. Back in April this year, the MDM specialist was hit by a major vulnerability in its Endpoint Manager Mobile (EPMM) solution. This was discovered in July when the Norwegian ministries discovered it was hacked. Further investigation revealed that all servers running the EPMM solution were vulnerable and that these servers were mainly located in Western companies.

In August this year, a leak was also found in the Ivanti Sentry gateway.

Also read: Hackers have been exploiting zero-day in Ivanti software since April