theAIcatchup

Diagram showing privilege escalation attack path in Ivanti Avalanche Smart Device Service

Ivanti Avalanche's Sneaky Priv-Esc Hole: No Auth Needed, Local Root Awaits

Ivanti swore their Avalanche MDM was battle-tested. Then CVE-2022-43554 drops: a missing auth check letting locals climb to root. Who's surprised? Not me.

4 min read 4 hours ago

Diagram showing local privilege escalation attack on Ivanti Avalanche Printer Device Service via CVE-2022-43555

Vulnerabilities & CVEs

CVE-2022-43555: Ivanti Avalanche's Printer Flaw Hands Attackers Local Admin Rights

Ever wonder if that humming office printer is quietly handing over your network keys? CVE-2022-43555 in Ivanti Avalanche proves it might be.

3 min read 4 hours ago

#Ivanti Avalanche

Ivanti Avalanche's Sneaky Priv-Esc Hole: No Auth Needed, Local Root Awaits

CVE-2022-43555: Ivanti Avalanche's Printer Flaw Hands Attackers Local Admin Rights

Stay in the loop