CVE-2023-32560: Critical Remote Code Execution Vulnerabilities in Ivanti Avalanche

Share :

On August 14th, 2023, cybersecurity company Tenable released a research advisory detailing two stack-based buffer overflow vulnerabilities, collectively tracked as CVE-2023-32560, impacting Ivanti Avalanche products version 6.4.0 and older. A threat actor could remotely exploit the vulnerabilities without user authentication by specifying long data type items to overflow the buffer. 

This CVE was discovered and responsibly disclosed to Ivanti by security researchers at Tenable. At this point in time, no exploitation has been observed in the wild. However, as demonstrated in CISA’s Known Exploited Vulnerabilities Catalog, threat actors have exploited Ivanti vulnerabilities in the past. Due to the severity of CVE-2023-32560 and the fact that vulnerabilities impacting Ivanti products have been weaponized by threat actors, Arctic Wolf strongly recommends upgrading to the latest available patch on all affected devices. 

Recommendation for CVE-2023-32560: Apply the Latest Patch Released by Ivanti 

Product  Impacted Versions  Patched Version 
Ivanti Avalanche  6.4.0 and older or later 


Ivanti has addressed these vulnerabilities in Ivanti Avalanche Arctic Wolf strongly recommends reviewing Ivanti’s security advisory to access and apply the patch. Customer login is required. 

Please follow your organization’s patching and testing guidelines to avoid any operational impact. 


James Liolios

James Liolios

James Liolios is a Senior Threat Intelligence Researcher at Arctic Wolf, where he keeps a watchful eye on the latest threats and threat actors to understand the potential impact to Arctic Wolf customers. He has a background of 9 years' experience in many areas of cybersecurity, holds a bachelor's degree in Information Security, and is also CISSP certified.
Share :
Table of Contents
Subscribe to our Monthly Newsletter