CVE-2023-32563

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Aug 10, 2023
Updated: Aug 28, 2023
CWE ID 22

Summary

CVE-2023-32563 is a newly identified vulnerability that allows unauthenticated attackers to execute code through a RemoteControl server. This issue arises due to insufficient access controls in the server, enabling an adversary to exploit it remotely and gain administrative privileges. Successful exploitation could result in significant data loss or system compromise. Organizations using this software are advised to apply the necessary patches as soon as possible to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Ivanti Avalanche

Affected Vendors

  • Ivanti Software Inc.