Arctic Wolf Security Bulletin
Arctic Wolf Security Bulletin
Back to blog

CVE-2023-41727, CVE-2023-46220, CVE-2023-46261, and More: Multiple Critical Vulnerabilities Patched in Ivanti Avalanche

On 20 December 2023, Ivanti announced that 20 vulnerabilities in Ivanti Avalanche On-Prem were patched in the product’s latest update. Arctic Wolf has highlighted 13 of these vulnerabilities in this bulletin that were rated as critical severity and could lead to remote code execution (RCE) or Denial of Service (DoS). 
Arctic Wolf Security Bulletin
6 min read

On 20December 2023, Ivanti announced that 20 vulnerabilities in Ivanti Avalanche On-Prem were patched in the product’s latest update. Arctic Wolf has highlighted 13 of these vulnerabilities in this bulletin that were rated as critical severity and could lead to remote code execution (RCE) or Denial of Service (DoS). 

CVE-ID    Vulnerability Type  CVSS Score  
CVE-2023-41727  Unauthenticated Buffer Overflow  9.8 – Critical 
CVE-2023-46216  Unauthenticated Buffer Overflow  9.8 – Critical 
CVE-2023-46217      Unauthenticated Buffer Overflow  9.8 – Critical 
CVE-2023-46220  Stack-based Buffer Overflow RCE  9.8 – Critical 
CVE-2023-46221  Stack-based Buffer Overflow RCE  9.8 – Critical 
CVE-2023-46222  Stack-based Buffer Overflow RCE  9.8 – Critical 
CVE-2023-46223  Stack-based Buffer Overflow RCE  9.8 – Critical 
CVE-2023-46224  Stack-based Buffer Overflow RCE  9.8 – Critical 
CVE-2023-46225  Stack-based Buffer Overflow RCE  9.8 – Critical 
CVE-2023-46257  Stack-based Buffer Overflow RCE  9.8 – Critical 
CVE-2023-46258  Stack-based Buffer Overflow RCE  9.8 – Critical 
CVE-2023-46259  Stack-based Buffer Overflow RCE  9.8 – Critical 
CVE-2023-46261  Heap-based Buffer Overflow RCE  9.8 – Critical 

 

These vulnerabilities were discovered by researchers at Tenable and Trend Micro’s Zero Day Initiative and responsibly disclosed to Ivanti. At this time, there have been no public proof of concept (PoC) exploit code published or active exploitation for these vulnerabilities observed in the wild. However, given the past history of Ivanti products being targeted by threat actors (as evidenced by CISA’s known exploited vulnerabilities catalog and AW Labs security bulletin), we expect that threat actors are likely to attempt exploitation in the near term of one or more of the vulnerabilities described in this bulletin.  

Recommendation for CVE-2023-41727, CVE-2023-46220, CVE-2023-46261

Upgrade Ivanti Avalanche to Fixed Version

Arctic Wolf strongly recommends upgrading Ivanti Avalanche to the latest fixed version. 

Product  Affected Version(s)  Fixed Version 
Ivanti Avalanche 
  • All supported versions of the products (Avalanche versions 6.3.1 and above) 
  • Older versions/releases are also at risk. 
 6.4.2 

 

Please follow your organisation’s patching and testing guidelines to avoid operational impact. 

References 

  1. Ivanti announcement
  2. Ivanti article 
  3. Ivanti Avalanche 6.4.2 Release notes 
Popular Topics
View all posts
Share this post:

What to read next

Back to Blog
Arctic Wolf Blog Featured Image
9 min read
|

Top Identity Threats Your Organisation Faces

May 2, 2025

View Post
Arctic Wolf Blog Featured Image
6 min read

Follow-Up: SonicWall Updates Advisories for Actively Exploited Vulnerabilities

April 30, 2025

View Post
Arctic Wolf Blog Featured Image
9 min read
|

MDR vs. EDR: Which Solution is Right for Your Organisation?

April 30, 2025

View Post
Arctic Wolf Blog Featured Image
5 min read

The Dangers of Double and Triple Extortion in Ransomware

April 29, 2025

View Post