CVE-2023-32563
CVSS 3.1 Score 9.8 of 10 (high)
Details
Published Aug 10, 2023
Updated: Aug 28, 2023
CWE ID 22
Summary
CVE-2023-32563 is a newly identified vulnerability that allows unauthenticated attackers to execute code through a RemoteControl server. This issue arises due to insufficient access controls in the server, enabling an adversary to exploit it remotely and gain administrative privileges. Successful exploitation could result in significant data loss or system compromise. Organizations using this software are advised to apply the necessary patches as soon as possible to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Ivanti Avalanche
Affected Vendors
- Ivanti Software Inc.