CVE-2023-32560

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Aug 10, 2023
Updated: Sep 18, 2023
CWE ID 787

Summary

CVE-2023-32560 is a newly identified vulnerability that affects the Wavelink Avalanche Manager. An attacker can exploit this issue by sending a maliciously crafted message to the manager, potentially leading to service disruption or even arbitrary code execution. This security weakness was discovered by a researcher at Tenable and has since been addressed in version 6.4.1 of the software. Organizations using earlier versions are advised to update promptly to mitigate the risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Ivanti Avalanche

Affected Vendors

  • Ivanti Software Inc.