{ "file_item": { "filepath": "security-advisories", "filename": "CERT-EU-SA2024-041.pdf" }, "title": "Multiple Vulnerabilities in Ivanti Avalanche MDM", "serial_number": "2024-041", "publish_date": "17-04-2024 09:32:02", "description": "On April 16, 2024, Ivanti disclosed several vulnerabilities in its Avalanche MDM solution, including two critical heap overflow issues allowing unauthenticated remote command execution.
\nIt is recommended updating as soon as possible.
\n", "url_title": "2024-041", "content_markdown": "---\ntitle: 'Multiple Vulnerabilities in\u00a0Ivanti\u00a0Avalanche\u00a0MDM'\nnumber: '2024-041'\nversion: '1.0'\noriginal_date: 'April 16, 2024'\ndate: 'April 17, 2024'\n---\n\n_History:_\n\n* _17/04/2024 --- v1.0 -- Initial publication_\n\n# Summary\n\nOn April 16, 2024, Ivanti disclosed several vulnerabilities in its Avalanche MDM solution, including two critical heap overflow issues allowing unauthenticated remote command execution [1].\n\nIt is recommended updating as soon as possible.\n\n# Technical Details\n\nThe two critical security flaws, tracked as **CVE-2024-24996** and **CVE-2024-29204**, with CVSS score of 9.8, were found in Avalanche's `WLInfoRailService` and `WLAvalancheService` components [1]. They are both caused by heap-based buffer overflow weaknesses, which can let unauthenticated remote attackers execute arbitrary commands on vulnerable systems in low-complexity attacks that do not require user interaction [1].\n\nThe 25 other vulnerabilities are ranging from medium to high severity, and can lead to denial of service conditions, unauthorised command execution as `SYSTEM`, and sensitive information disclosure [2].\n\n# Affected Products\n\nAvalanche MDM versions before version 6.4.3.\n\n# Recommendations\n\nCERT-EU recommends updating to the fixed version as soon as possible [2].\n\n# References\n\n[1] \n\n[2] ", "content_html": "

History:

Summary

On April 16, 2024, Ivanti disclosed several vulnerabilities in its Avalanche MDM solution, including two critical heap overflow issues allowing unauthenticated remote command execution [1].

It is recommended updating as soon as possible.

Technical Details

The two critical security flaws, tracked as CVE-2024-24996 and CVE-2024-29204, with CVSS score of 9.8, were found in Avalanche's WLInfoRailService and WLAvalancheService components [1]. They are both caused by heap-based buffer overflow weaknesses, which can let unauthenticated remote attackers execute arbitrary commands on vulnerable systems in low-complexity attacks that do not require user interaction [1].

The 25 other vulnerabilities are ranging from medium to high severity, and can lead to denial of service conditions, unauthorised command execution as SYSTEM, and sensitive information disclosure [2].

Affected Products

Avalanche MDM versions before version 6.4.3.

Recommendations

CERT-EU recommends updating to the fixed version as soon as possible [2].

References

[1] https://www.bleepingcomputer.com/news/security/ivanti-warns-of-critical-flaws-in-its-avalanche-mdm-solution/

[2] https://forums.ivanti.com/s/article/Avalanche-6-4-3-Security-Hardening-and-CVEs-addressed?language=en_US

", "licence": { "title": "Creative Commons Attribution 4.0 International (CC-BY 4.0)", "link": "https://creativecommons.org/licenses/by/4.0/", "restrictions": "https://cert.europa.eu/legal-notice", "author": "The Cybersecurity Service for the Union institutions, bodies, offices and agencies" } }