Jump to content
  • CVE-2023-32560: Ivanti - Unauthenticated Stack-based Buffer Overflows

    NetScaler Cyber Threat Intelligence
    • Validation Status: Validated
      Has Video?: No

    CVE-2023-32560: Ivanti - Unauthenticated Stack-based Buffer Overflows (Not applicable for WAF signature)


    NetScaler CTRI Team

    Last Updated: 08/16/2023




    A vulnerability has been discovered in Ivanti Avalanche.


    The vulnerability exists in WLAvalancheService.exe version and older, which receives communications over TCP port 1777. It can be exploited by an attacker sending specially crafted data packets containing hex strings (type 3) or a list of decimal strings separated by “;” (type 9). This can cause a buffer overflow due to a fixed-size stack-based buffer used to store the converted data.

    Avalanche version 6.4.1 has fixed multiple security vulnerabilities, including CVE-2023-32560, CVE-2023-32561, CVE-2023-32562, CVE-2023-32563, CVE-2023-32564, CVE-2023-32565, and CVE-2023-32566. These vulnerabilities concern various authentication bypasses and remote code execution flaws.


    Please follow the guidelines as recommended by the vendor in their Security Article


    NetScaler CTRI :

    NetScaler CTRI team is actively investigating this issue and will provide an update on the mitigation steps, WAF Signature soon. 


    Update: CTRI team has verified that the CVE-2023-32560 is not applicable for a WAF signature as it solely exploit TCP/UDP path. (https://help.ivanti.com/wl/help/en_us/ava/6.4/Avalanche/Appendices/ports.ht)


    1. https://nvd.nist.gov/vuln/detail/CVE-2023-32560




    User Feedback

    Recommended Comments

    There are no comments to display.

    Create an account or sign in to comment

    You need to be a member in order to leave a comment

    Create an account

    Sign up for a new account in our community. It's easy!

    Register a new account

    Sign in

    Already have an account? Sign in here.

    Sign In Now

  • Create New...