A Heap overflow vulnerability in WLInfoRailService component of Ivanti Avalanche before 6.4.3 allows an unauthenticated remote attacker to execute arbitrary commands.
The vulnerability is a heap buffer overflow (CWE-122) in the WLInfoRailService component. An attacker can send specially crafted network data to the vulnerable component without any authentication. The overflow allows overwriting critical memory structures and directing code execution in a direction controlled by the attacker.
An unauthenticated remote attacker can execute arbitrary commands on the vulnerable system, which in practice means the ability to fully take control of the Ivanti Avalanche server, steal data, and perform further actions within the victim's infrastructure.
Ivanti Avalanche must be urgently updated to version 6.4.3 or newer. Detailed information is available in the official vendor bulletin: https://forums.ivanti.com/s/article/Avalanche-6-4-3-Security-Hardening-and-CVEs-addressed
Ivanti Avalanche versions earlier than 6.4.3
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HIvanti Avalanche
APPIvanti< 6.4.3.528
Related vulnerabilities
Buffer overflow w Ivanti Avalanche Manager umożliwiający RCE bez uwierzytelnienia
Path Traversal w Ivanti Avalanche — nieuprawnione usuwanie plików i DoS
Heap Overflow w Ivanti Avalanche umożliwiający RCE bez uwierzytelnienia
Heap Overflow w Ivanti Avalanche umożliwia zdalne wykonanie kodu
Ivanti Avalanche — RCE/DoS przez korupcję pamięci w Mobile Device Server