Vulnerability Description
Denial-of-Service (DoS) in Ivanti Service Manager HEAT Remote Control 7.4 due to a buffer overflow in the protocol parser of the ‘HEATRemoteService’ agent. The DoS can be triggered by sending a specially crafted network packet.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ivanti | Desktop\&Server Management | < 2020.1 |
| Ivanti | Service Manager Heat Remote Control | 7.4 |
Related Weaknesses (CWE)
References
- https://forums.ivanti.com/s/article/Release-Notes-for-DSM-2020-1Release NotesVendor Advisory
- https://insinuator.net/2020/06/security-advisories-for-ivanti-dsm-suite/Third Party Advisory
- https://forums.ivanti.com/s/article/Release-Notes-for-DSM-2020-1Release NotesVendor Advisory
- https://insinuator.net/2020/06/security-advisories-for-ivanti-dsm-suite/Third Party Advisory
FAQ
What is CVE-2020-12441?
CVE-2020-12441 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Denial-of-Service (DoS) in Ivanti Service Manager HEAT Remote Control 7.4 due to a buffer overflow in the protocol parser of the ‘HEATRemoteService’ agent. The DoS can be triggered by sending a specia...
How severe is CVE-2020-12441?
CVE-2020-12441 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2020-12441?
Check the references section above for vendor advisories and patch information. Affected products include: Ivanti Desktop\&Server Management, Ivanti Service Manager Heat Remote Control.