Ivantis Enterprise Mobility Management (EMM) is vulnerable and the developers have patched several vulnerabilities in a recent release. With EMM, admins manage mobile devices in companies.
In an article, security researchers from Tenable explicitly warn of a “critical” malicious code vulnerability (CVE-2023-32560). Because WLAvalanceService.exe uses buffers with a fixed size for storing character strings, attackers should be able to start here. This works remotely and without authentication. With a crafted request, they can overflow the buffer and ultimately execute their own code.
The researchers claim to have reported the vulnerability in April 2023. EMM version 6.4.1, which is protected against the attack, was released at the beginning of August. The security researchers published their report in mid-August.
Other critical security issues
An alert from Ivanti indicates that the developers have patched six more vulnerabilities in release 126.96.36.199. Of these, five are considered “critical”. If attackers successfully exploit these vulnerabilities, DoS attacks are conceivable, but malicious code can also get onto systems here and there is a high probability of completely compromising PCs. It is not yet known whether there have already been attacks on one of the vulnerabilities.
Vulnerabilities in Ivanti Endpoint Manager recently made headlines. Attackers could, among other things, start with a vulnerability (CVE-2023-28324 “high”) and, in the worst case, also execute their own code.
Go to home page
#attacks #Ivanti #Enterprise #Mobility #Management