Advanced

Ivanti Avalanche Vulnerability: What You Should Know

The December 20th Ivanti Avalanche advisory disclosed 22 CVEs, 12 of them rated 9.8 (Critical) and the remainder rated High, all rooted in stack-based buffer overflow vulnerabilities capa...

On December 20th, Ivanti published a security advisory disclosing a large batch of vulnerabilities affecting its Avalanche mobile device management (MDM) platform. This briefing consolidates the technical substance of that advisory discussion: what the product does, why the vulnerability class is dangerous, how many CVEs are involved, how to assess exposure, and what remediation and hardening steps organizations should take.

Ivanti is a technology vendor that builds software to help organizations manage and secure computer systems and mobile devices at scale. Its portfolio spans endpoint protection, mobile device management, and network/infrastructure management tooling intended to keep large fleets of devices running smoothly and securely.

Avalanche is Ivanti's MDM solution, but it is distinct from general-purpose enterprise mobility tools such as Microsoft Intune in that it is purpose-built for supply chain and logistics environments. Typical managed endpoints are handheld barcode scanners, rugged tablets, and similar warehouse- or retail-floor devices rather than standard laptops or phones. Avalanche's core function is to ensure that this fleet of specialized devices stays prov...

Sign in to read this course

A free account unlocks all 514 courses. 20 are readable without one.

What's inside

3 sections
  1. 1 Table of Contents
  2. 2 Module 1: The Ivanti Avalanche Security Advisory
  3. 3 Summary

More Vulnerability Briefings courses

View all 30

Interested in this course?

Contact us to book it or get a custom training plan for your team.