CVE-2023-32560 Information

Description

An attacker can send a specially crafted message to the Wavelink Avalanche Manager which could result in service disruption or arbitrary code execution.

Thanks to a Researcher at Tenable for finding and reporting.

Fixed in version 6.4.1.

Reference

https://forums.ivanti.com/s/article/Avalanche-Vulnerabilities-Addressed-in-6-4-1?language=en_US