PatchSiren cyber security CVE debrief
CVE-2016-3147 Ivanti CVE debrief
CVE-2016-3147 is a critical network-exploitable buffer overflow in the collector.exe listener used by Landesk Management Suite 10.0.0.271 and earlier. According to the provided NVD record, a large packet can trigger the flaw, leading to denial of service and possibly arbitrary code execution. The published CVSS 3.1 vector is 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), so environments exposing this listener should treat remediation as urgent.
- Vendor
- Ivanti
- Product
- CVE-2016-3147
- CVSS
- CRITICAL 9.8
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2017-01-23
- Original CVE updated
- 2026-05-13
- Advisory published
- 2017-01-23
- Advisory updated
- 2026-05-13
Who should care
Ivanti/Landesk administrators, endpoint management teams, and defenders responsible for any systems running Landesk Management Suite 10.0.0.271 or earlier, especially if the collector.exe listener is reachable over the network.
Technical summary
The provided NVD data describes a buffer overflow in the collector.exe listener for Landesk Management Suite versions up to and including 10.0.0.271. The weakness is mapped to CWE-119 and is reachable remotely with no privileges and no user interaction. Impact is recorded as possible denial of service and potential arbitrary code execution.
Defensive priority
Immediate. This is a remotely exploitable, unauthenticated critical issue with high confidentiality, integrity, and availability impact in the NVD assessment.
Recommended defensive actions
- Inventory all Landesk Management Suite installations and confirm whether any instance is at or below version 10.0.0.271.
- Reduce exposure of the collector.exe listener by restricting network access to trusted management networks only.
- Apply the vendor remediation or upgrade to a version newer than 10.0.0.271 if one is available in your environment.
- Monitor for crashes, abnormal restarts, or unusual inbound packets targeting the collector.exe listener.
- Review logs and network telemetry for signs of scanning or exploitation attempts against affected hosts.
- If compromise is suspected, isolate the affected system and follow incident response procedures to preserve logs and forensic evidence.
Evidence notes
The NVD record for CVE-2016-3147 states that Landesk Management Suite 10.0.0.271 and earlier are vulnerable, with the flaw located in the collector.exe listener and triggered by a large packet. NVD maps the weakness to CWE-119 and assigns CVSS 3.1 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). The supplied references include SecurityFocus BID 93565 and a Securifera advisory. The CVE was published on 2017-01-23 and last modified on 2026-05-13; that modification date is not the issue date.
Official resources
-
CVE-2016-3147 CVE record
CVE.org
-
CVE-2016-3147 NVD detail
NVD
-
Source item URL
nvd_modified
-
Mitigation or vendor reference
[email protected] - Third Party Advisory, VDB Entry
-
Mitigation or vendor reference
[email protected] - Third Party Advisory
CVE published by NVD/CVE on 2017-01-23 and last modified on 2026-05-13. No CISA KEV entry is included in the supplied data.