CVE-2023-32560
CVSS 3.1 Score 9.8 of 10 (high)
Details
Published Aug 10, 2023
Updated: Sep 18, 2023
CWE ID 787
Summary
CVE-2023-32560 is a newly identified vulnerability that affects the Wavelink Avalanche Manager. An attacker can exploit this issue by sending a maliciously crafted message to the manager, potentially leading to service disruption or even arbitrary code execution. This security weakness was discovered by a researcher at Tenable and has since been addressed in version 6.4.1 of the software. Organizations using earlier versions are advised to update promptly to mitigate the risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Ivanti Avalanche
Affected Vendors
- Ivanti Software Inc.