Fixes have been issued by IT security firm Ivanti for more than 20 security vulnerabilities impacting its Avalanche enterprise mobile development management offering, 13 of which are critical buffer overflow bugs, reports SecurityWeek.
Remote code execution and denial-of-service attacks could be conducted through the exploitation of the critical flaws, according to Ivanti. Ivanti also addressed eight high-severity bugs, which could be leveraged to facilitate server-side request forgery and DoS attacks, as well as authentication evasion and arbitrary file uploads, in addition to a medium-severity flaw that could be abused for SSRF attacks. Immediate patching has been urged for organizations using Avalanche version 6.3.1 and above, as well as older iterations. "Upon learning of the vulnerabilities, we immediately mobilized resources to fix the problem and have fixes available now for all impacted versions," said Ivanti. Such fixes come after the inclusion of 12 Ivanti product flaws in the Cybersecurity and Infrastructure Security Agency's Known Exploited Vulnerabilities list this year.
As part of its latest attacks discovered in June, Tropic Trooper exploited several known Microsoft Exchange Server and Adobe ColdFusion vulnerabilities to distribute an updated China Chopper web shell on a server hosting the Umbraco open-source content management system.
More than 50 Alibaba-hosted command-and-control servers have been leveraged to facilitate the distribution of the backdoor, which impersonates the Java, bash, sshd, SQLite, and edr-agent utilities.
Angola and the Democratic Republic of Congo, which is a new Intellexa client, may have leveraged new Predator infrastructure to enable spyware staging and exploitation, according to an analysis from Recorded Future's Insikt Group.