Ivanti Alerts Users of Critical Vulnerabilities in Avalanche MDM Solution
April 18, 2024PatchWork APT Threat Actor Group – Active IOCs
April 19, 2024Ivanti Alerts Users of Critical Vulnerabilities in Avalanche MDM Solution
April 18, 2024PatchWork APT Threat Actor Group – Active IOCs
April 19, 2024Severity
High
Analysis Summary
CVE-2024-20295 CVSS:8.8
Cisco Integrated Management Controller (IMC) Software could allow a local authenticated attacker to execute arbitrary commands on the system, caused by improper input validation in the CLI. By sending a specially crafted CLI command, an attacker could exploit this vulnerability to inject and execute arbitrary commands on the system.
CVE-2024-20356 CVSS:8.7
Cisco Integrated Management Controller (IMC) Software could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by improper input validation by the web-based management interface. By sending a specially crafted commands, an attacker could exploit this vulnerability to inject and execute arbitrary commands on the system.
CVE-2024-20373 CVSS:5.3
Cisco IOS Software and Cisco IOS XE Software could allow a remote attacker to bypass security restrictions, caused by a vulnerability in the implementation of the Simple Network Management Protocol (SNMP) IPv4 access control list (ACL) feature. By performing SNMP polling of an affected device, an attacker could exploit this vulnerability to perform SNMP operations that should be denied.
Impact
- Gain Access
- Security Bypass
Indicators of Compromise
CVE
- CVE-2024-20295
- CVE-2024-20356
- CVE-2024-20373
Affected Vendors
Affected Products
- Cisco IOS XE Software
- Cisco Integrated Management Controller
Remediation
Refer to Cisco Security Advisory for patch, upgrade or suggested workaround information.