CVE-2023-46217: 
Ivanti Avalanche vulnerability analysis and mitigation

CVE-2023-46217 is a critical vulnerability in Ivanti Avalanche that affects all supported versions (6.3.1 and above) as well as older releases. The vulnerability was discovered through responsible disclosure and involves memory corruption in the Mobile Device Server that could be triggered by specially crafted data packets (Ivanti Blog, NVD). The vulnerability was disclosed on December 20, 2023, and was assigned a CVSS v3.1 score of 9.8, indicating critical severity.

The vulnerability is classified as an unauthenticated buffer overflow with a CVSS v3.1 base score of 9.8 (Critical). When processing a MuProperty type 102, the WLAvalancheService.exe copies user-supplied data to a fixed-size stack-based buffer, which can lead to buffer overflow conditions. The vulnerability can be exploited remotely without requiring authentication or user interaction (Tenable Research).

If successfully exploited, the vulnerability can result in either a Denial of Service (DoS) condition or potential code execution on the affected system. The critical CVSS score of 9.8 indicates that successful exploitation could lead to complete system compromise, affecting the confidentiality, integrity, and availability of the target system (NVD, Arctic Wolf).

Ivanti has released version 6.4.2 of Avalanche to address this vulnerability along with several others. Organizations are strongly recommended to upgrade to this latest version to mitigate the risk. The patch is available for all affected versions of the product (Release Notes, Ivanti Blog).