CVE-2023-46223

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Dec 19, 2023
Updated: Aug 1, 2024
CWE ID 121
CWE ID 787

Summary

CVE-2023-46223 is a newly discovered vulnerability that affects the Mobile Device Server. An attacker can exploit this weakness by sending tailored data packets, leading to memory corruption. Consequences of this vulnerability range from a Denial of Service (DoS) attack to potentially more severe consequences, including code execution. The resulting impact depends on the specifics of the attack vector and the targeted system configuration. To mitigate this risk, it is recommended that affected organizations apply the relevant patches or updates as soon as possible.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Ivanti Avalanche

Affected Vendors

  • Ivanti Software Inc.