Ivanti has released security updates to fix 27 vulnerabilities in its Avalanche mobile device management (MDM) solution, two of them critical heap overflows that can be exploited for remote command execution.
Ivanti’s Avalanche enterprise MDM solution has been found to have 13 critical security vulnerabilities, including buffer overflow weaknesses, that can be exploited by attackers to gain remote code execution on unpatched systems.