CRITICAL🇵🇱 Wersja polska

CVE-2023-46216

CVSS 9.8v3.1pub. 2023-12-19upd. 2024-11-21

An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution.

🤖 AI Analysis
How it works

An attacker sends specially crafted network packets to the Mobile Device Server component operating within Ivanti Avalanche. Improper processing of this data leads to writing outside the allocated memory area (CWE-787 — out-of-bounds write), causing memory corruption of the process. This state can be exploited to gain control over program execution flow (RCE) or cause its crash (DoS).

Impact

An attacker can gain full control over the server through remote code execution (RCE) or cause unavailability of the mobile device management service (DoS). The attack requires no authentication or user interaction.

Mitigation & patch

Ivanti Avalanche should be updated to version 6.4.2 or later according to information contained in vendor release notes available at the address indicated in the references. It is also recommended to restrict network access to the Mobile Device Server port exclusively to trusted hosts using a firewall.

Who is affected

Ivanti Avalanche — versions prior to 6.4.2 (according to vendor references); Microsoft Windows environment as the platform hosting the Mobile Device Server component

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Ivanti Avalanche

    APP
    Ivanti
    < 6.4.2
  • Microsoft Windows

    OS
    Microsoft
    wszystkie wersje
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCEDoS
CWE
References

Related vulnerabilities

CVE-2026-8398CRITICAL9.3⚠ KEVPL ✓ten sam produkt

Atak na łańcuch dostaw DAEMON Tools Lite — trojanizacja instalatorów

CVE-2025-10585CRITICAL9.8⚠ KEVPL ✓ten sam produkt

Type confusion w V8 (Google Chrome) — zdalne uszkodzenie sterty

CVE-2025-34028CRITICAL9.3⚠ KEVPL ✓ten sam produkt

Commvault Command Center – nieuwierzytelniony RCE przez path traversal w ZIP

CVE-2024-7262CRITICAL9.3⚠ KEVPL ✓ten sam produkt

Path Traversal w Kingsoft WPS Office — ładowanie dowolnej biblioteki Windows

CVE-2024-4577CRITICAL9.8⚠ KEVPL ✓ten sam produkt

PHP CGI argument injection – RCE na Windows przez mechanizm Best-Fit