On 14 August 2023, cybersecurity company Tenable released a research advisory detailing two stack-based buffer overflow vulnerabilities, collectively tracked as CVE-2023-32560, impacting Ivanti Avalanche products version 6.4.0 and older. A threat actor could remotely exploit the vulnerabilities without user authentication by specifying long data type items to overflow the buffer.
This CVE was discovered and responsibly disclosed to Ivanti by security researchers at Tenable. At this point in time, no exploitation has been observed in the wild. However, as demonstrated in CISA’s Known Exploited Vulnerabilities Catalog, threat actors have exploited Ivanti vulnerabilities in the past. Due to the severity of CVE-2023-32560 and the fact that vulnerabilities impacting Ivanti products have been weaponised by threat actors, Arctic Wolf strongly recommends upgrading to the latest available patch on all affected devices.
Recommendation for CVE-2023-32560: Apply the Latest Patch Released by Ivanti
|Product||Impacted Versions||Patched Version|
|Ivanti Avalanche||6.4.0 and older||220.127.116.11 or later|
Ivanti has addressed these vulnerabilities in Ivanti Avalanche 18.104.22.168. Arctic Wolf strongly recommends reviewing Ivanti’s security advisory to access and apply the patch. Customer login is required.
Please follow your organisation’s patching and testing guidelines to avoid any operational impact.