Multiple Vulnerabilities have been discovered in Ivanti Avalanche, the most severe of which could allow for authentication bypass. Ivanti Avalanche is a mobile device management system. Network security features allow one to manage wireless settings (including encryption and authentication) and apply those settings on a schedule throughout the network. Successful exploitation could allow for a remote unauthenticated attacker to bypass authentication. Depending on the privileges associated with the logged-on user, an attacker could then install programs; view, change, or delete data. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
Multiple Vulnerabilities in Ivanti Avalanche Could Allow for Authentication Bypass
Recent Posts
- Protecting the Software Supply Chain: The Art of Continuous Improvement
- Mastering Docker and Jenkins: Build Robust CI/CD Pipelines Efficiently
- CVE-2025-21630 – Linux Kernel: io_uring: Uninitialized Message Queue Inquire
- CVE-2025-21629 – “Linux Net IF – IPv6 extension header offload vulnerability”
- CVE-2024-5198 – OpenVPN for Windows DLL Injection Null Pointer Dereference