Vulnerabilities related to Ivanti - Secure Access Client
cve-2024-13813
Vulnerability from cvelistv5
Published: 2025-02-11 15:26
Modified: 2025-02-11 16:01
Summary
Insufficient permissions in Ivanti Secure Access Client before version 22.8R1 allows a local authenticated attacker to delete arbitrary files.
References
Impacted products
Vendor | Product | Version
---|---|---
Ivanti | Secure Access Client | Patch: 22.8R1
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-13813", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-02-11T16:01:23.366828Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-02-11T16:01:48.354Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "affected", product: "Secure Access Client", vendor: "Ivanti", versions: [ { status: "unaffected", version: "22.8R1", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<span style=\"background-color: rgb(255, 255, 255);\">Insufficient permissions in Ivanti Secure Access Client before version 22.8R1 allows a local authenticated attacker to delete arbitrary files.</span><span style=\"background-color: rgb(255, 255, 255);\"> </span>", }, ], value: "Insufficient permissions in Ivanti Secure Access Client before version 22.8R1 allows a local authenticated attacker to delete arbitrary files.", }, ], impacts: [ { capecId: "CAPEC-180", descriptions: [ { lang: "en", value: "CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.1, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-732", description: "CWE-732 Incorrect Permission Assignment for Critical Resource", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-02-11T15:26:57.315Z", orgId: 
"3c1d8aa1-5a33-4ea4-8992-aadd6440af75", shortName: "ivanti", }, references: [ { url: "https://forums.ivanti.com/s/article/February-Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-and-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", assignerShortName: "ivanti", cveId: "CVE-2024-13813", datePublished: "2025-02-11T15:26:57.315Z", dateReserved: "2025-01-30T20:36:47.090Z", dateUpdated: "2025-02-11T16:01:48.354Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-35080
Vulnerability from cvelistv5
Published: 2023-11-14 23:18
Modified: 2025-01-07 18:56
Summary
A vulnerability has been identified in the Ivanti Secure Access Windows client, which could allow a locally authenticated attacker to exploit a vulnerable configuration, potentially leading to various security risks, including the escalation of privileges, denial of service, or information disclosure.
References
Impacted products
Vendor | Product | Version
---|---|---
Ivanti | Secure Access Client | Version: 22.6.1.1 ≤
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T16:23:58.310Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://forums.ivanti.com/s/article/Security-fixes-included-in-the-latest-Ivanti-Secure-Access-Client-Release", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-35080", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-01-07T18:55:15.855270Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-276", description: "CWE-276 Incorrect Default Permissions", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-07T18:56:18.735Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "Secure Access Client", vendor: "Ivanti", versions: [ { lessThan: "22.6.1.1", status: "affected", version: "22.6.1.1", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in the Ivanti Secure Access Windows client, which could allow a locally authenticated attacker to exploit a vulnerable configuration, potentially leading to various security risks, including the escalation of privileges, denial of service, or information disclosure.", }, ], metrics: [ { cvssV3_0: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, }, ], providerMetadata: { dateUpdated: "2023-11-14T23:18:08.387Z", orgId: "36234546-b8fa-4601-9d6f-f4e334aa8ea1", shortName: "hackerone", }, references: [ { url: "https://forums.ivanti.com/s/article/Security-fixes-included-in-the-latest-Ivanti-Secure-Access-Client-Release", }, ], }, }, cveMetadata: { assignerOrgId: 
"36234546-b8fa-4601-9d6f-f4e334aa8ea1", assignerShortName: "hackerone", cveId: "CVE-2023-35080", datePublished: "2023-11-14T23:18:08.387Z", dateReserved: "2023-06-13T01:00:11.784Z", dateUpdated: "2025-01-07T18:56:18.735Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-9842
Vulnerability from cvelistv5
Published: 2024-11-12 16:12
Modified: 2024-11-12 18:24
Summary
Incorrect permissions in Ivanti Secure Access Client before version 22.7R4 allows a local authenticated attacker to create arbitrary folders.
References
Impacted products
Vendor | Product | Version
---|---|---
Ivanti | Secure Access Client | Patch: 22.7R4
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-9842", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-12T18:24:43.136160Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-12T18:24:53.695Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "affected", product: "Secure Access Client", vendor: "Ivanti", versions: [ { status: "unaffected", version: "22.7R4", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<span style=\"background-color: rgb(255, 255, 255);\">Incorrect permissions in Ivanti Secure Access Client before version 22.7R4 allows a local authenticated attacker to create arbitrary folders. </span><span style=\"background-color: rgb(255, 255, 255);\"> </span>", }, ], value: "Incorrect permissions in Ivanti Secure Access Client before version 22.7R4 allows a local authenticated attacker to create arbitrary folders.", }, ], impacts: [ { capecId: "CAPEC-176", descriptions: [ { lang: "en", value: "CAPEC-176 Configuration/Environment Manipulation", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.3, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-732", description: "CWE-732 Incorrect Permission Assignment for Critical Resource", lang: "en", type: "CWE", }, ], }, { descriptions: [ { cweId: "CWE-267", description: "CWE-267: Privilege Defined With Unsafe Actions", 
lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-11-12T16:12:12.164Z", orgId: "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", shortName: "ivanti", }, references: [ { url: "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", assignerShortName: "ivanti", cveId: "CVE-2024-9842", datePublished: "2024-11-12T16:12:12.164Z", dateReserved: "2024-10-10T20:57:43.190Z", dateUpdated: "2024-11-12T18:24:53.695Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-7571
Vulnerability from cvelistv5
Published: 2024-11-12 16:14
Modified: 2024-11-19 17:15
Summary
Incorrect permissions in Ivanti Secure Access Client before 22.7R4 allows a local authenticated attacker to escalate their privileges.
References
Impacted products
Vendor | Product | Version
---|---|---
Ivanti | Secure Access Client | Patch: 22.7R4
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:a:ivanti:secure_access_client:22.7r4:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "secure_access_client", vendor: "ivanti", versions: [ { status: "affected", version: "22.7r4", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2024-7571", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-19T17:14:16.296287Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-19T17:15:02.280Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "affected", product: "Secure Access Client", vendor: "Ivanti", versions: [ { status: "unaffected", version: "22.7R4", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<span style=\"background-color: rgb(255, 255, 255);\">Incorrect permissions in Ivanti Secure Access Client before 22.7R4 allows a local authenticated attacker to escalate their privileges.</span><span style=\"background-color: rgb(255, 255, 255);\"> </span>", }, ], value: "Incorrect permissions in Ivanti Secure Access Client before 22.7R4 allows a local authenticated attacker to escalate their privileges.", }, ], impacts: [ { capecId: "CAPEC-233", descriptions: [ { lang: "en", value: "CAPEC-233 Privilege Escalation", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-267", description: 
"CWE-267: Privilege Defined With Unsafe Actions", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-11-12T16:14:02.778Z", orgId: "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", shortName: "ivanti", }, references: [ { url: "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", assignerShortName: "ivanti", cveId: "CVE-2024-7571", datePublished: "2024-11-12T16:14:02.778Z", dateReserved: "2024-08-06T19:24:38.610Z", dateUpdated: "2024-11-19T17:15:02.280Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-29211
Vulnerability from cvelistv5
Published: 2024-11-13 01:54
Modified: 2024-11-13 16:49
Summary
A race condition in Ivanti Secure Access Client before version 22.7R4 allows a local authenticated attacker to modify sensitive configuration files.
References
Impacted products
Vendor | Product | Version
---|---|---
Ivanti | Secure Access Client | Version: 22.7R4 < 22.7R4
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-29211", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-13T16:49:09.449581Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { description: "CWE-noinfo Not enough information", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-11-13T16:49:48.676Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "Secure Access Client", vendor: "Ivanti", versions: [ { lessThan: "22.7R4", status: "affected", version: "22.7R4", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "A race condition in Ivanti Secure Access Client before version 22.7R4 allows a local authenticated attacker to modify sensitive configuration files.", }, ], metrics: [ { cvssV3_0: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", version: "3.0", }, }, ], providerMetadata: { dateUpdated: "2024-11-13T01:54:45.547Z", orgId: "36234546-b8fa-4601-9d6f-f4e334aa8ea1", shortName: "hackerone", }, references: [ { url: "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs", }, ], }, }, cveMetadata: { assignerOrgId: "36234546-b8fa-4601-9d6f-f4e334aa8ea1", assignerShortName: "hackerone", cveId: "CVE-2024-29211", datePublished: "2024-11-13T01:54:45.547Z", dateReserved: "2024-03-19T01:04:06.323Z", dateUpdated: "2024-11-13T16:49:48.676Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-38042
Vulnerability from cvelistv5
Published
2024-05-31 17:38
Modified
2024-08-02 17:30
Severity ?
EPSS score ?
Summary
A local privilege escalation vulnerability in Ivanti Secure Access Client for Windows allows a low privileged user to execute code as SYSTEM.
References
Impacted products
Vendor | Product | Version
---|---|---
Ivanti | Secure Access Client | Version: 22.7R1 ≤
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:a:ivanti:secure_access_client:*:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "secure_access_client", vendor: "ivanti", versions: [ { lessThan: "22.7r1", status: "affected", version: "0", versionType: "semver", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2023-38042", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-07-25T18:16:02.339714Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-250", description: "CWE-250 Execution with Unnecessary Privileges", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-07-25T18:26:38.285Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-02T17:30:12.374Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://forums.ivanti.com/s/article/Security-Advisory-May-2024?language=en_US", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "Secure Access Client", vendor: "Ivanti", versions: [ { lessThan: "22.7R1", status: "affected", version: "22.7R1", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "A local privilege escalation vulnerability in Ivanti Secure Access Client for Windows allows a low privileged user to execute code as SYSTEM. 
", }, ], metrics: [ { cvssV3_0: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], providerMetadata: { dateUpdated: "2024-05-31T17:38:31.427Z", orgId: "36234546-b8fa-4601-9d6f-f4e334aa8ea1", shortName: "hackerone", }, references: [ { url: "https://forums.ivanti.com/s/article/Security-Advisory-May-2024?language=en_US", }, ], }, }, cveMetadata: { assignerOrgId: "36234546-b8fa-4601-9d6f-f4e334aa8ea1", assignerShortName: "hackerone", cveId: "CVE-2023-38042", datePublished: "2024-05-31T17:38:31.427Z", dateReserved: "2023-07-12T01:00:11.881Z", dateUpdated: "2024-08-02T17:30:12.374Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-8539
Vulnerability from cvelistv5
Published: 2024-11-12 16:11
Modified: 2024-11-12 18:26
Summary
Improper authorization in Ivanti Secure Access Client before version 22.7R3 allows a local authenticated attacker to modify sensitive configuration files.
References
Impacted products
Vendor | Product | Version
---|---|---
Ivanti | Secure Access Client | Patch: 22.7R3
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:a:ivanti:secure_access_client:*:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "secure_access_client", vendor: "ivanti", versions: [ { status: "affected", version: "22.7R3", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2024-8539", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-12T18:25:46.112350Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-12T18:26:45.187Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "affected", product: "Secure Access Client", vendor: "Ivanti", versions: [ { status: "unaffected", version: "22.7R3", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<span style=\"background-color: rgb(255, 255, 255);\">Improper authorization in Ivanti Secure Access Client before version 22.7R3 allows a local authenticated attacker to modify sensitive configuration files. 
</span>", }, ], value: "Improper authorization in Ivanti Secure Access Client before version 22.7R3 allows a local authenticated attacker to modify sensitive configuration files.", }, ], impacts: [ { capecId: "CAPEC-176", descriptions: [ { lang: "en", value: "CAPEC-176 Configuration/Environment Manipulation", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.1, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-267", description: "CWE-267: Privilege Defined With Unsafe Actions", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-11-12T16:11:07.141Z", orgId: "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", shortName: "ivanti", }, references: [ { url: "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", assignerShortName: "ivanti", cveId: "CVE-2024-8539", datePublished: "2024-11-12T16:11:07.141Z", dateReserved: "2024-09-06T18:11:22.909Z", dateUpdated: "2024-11-12T18:26:45.187Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-38654
Vulnerability from cvelistv5
Published: 2024-11-13 01:54
Modified: 2024-11-13 17:01
Summary
Improper bounds checking in Ivanti Secure Access Client before version 22.7R3 allows a local authenticated attacker with admin privileges to cause a denial of service.
References
Impacted products
Vendor | Product | Version
---|---|---
Ivanti | Secure Access Client | Version: 22.7R3 < 22.7R3
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-38654", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-13T16:59:41.280532Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-125", description: "CWE-125 Out-of-bounds Read", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-11-13T17:01:06.962Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "Secure Access Client", vendor: "Ivanti", versions: [ { lessThan: "22.7R3", status: "affected", version: "22.7R3", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Improper bounds checking in Ivanti Secure Access Client before version 22.7R3 allows a local authenticated attacker with admin privileges to cause a denial of service.", }, ], metrics: [ { cvssV3_0: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, }, ], providerMetadata: { dateUpdated: "2024-11-13T01:54:45.470Z", orgId: "36234546-b8fa-4601-9d6f-f4e334aa8ea1", shortName: "hackerone", }, references: [ { url: "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs", }, ], }, }, cveMetadata: { assignerOrgId: "36234546-b8fa-4601-9d6f-f4e334aa8ea1", assignerShortName: "hackerone", cveId: "CVE-2024-38654", datePublished: "2024-11-13T01:54:45.470Z", dateReserved: "2024-06-19T01:04:07.138Z", dateUpdated: "2024-11-13T17:01:06.962Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2025-22454
Vulnerability from cvelistv5
Published: 2025-03-11 14:11
Modified: 2025-03-12 04:00
Summary
Insufficiently restrictive permissions in Ivanti Secure Access Client before 22.7R4 allows a local authenticated attacker to escalate their privileges.
References
Impacted products
Vendor | Product | Version
---|---|---
Ivanti | Secure Access Client | Patch: 22.7R4 Patch: 22.8R1
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2025-22454", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-03-11T00:00:00+00:00", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-12T04:00:43.923Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "affected", product: "Secure Access Client", vendor: "Ivanti", versions: [ { status: "unaffected", version: "22.7R4", versionType: "custom", }, { status: "unaffected", version: "22.8R1", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: " Insufficiently restrictive permissions in Ivanti Secure Access Client before 22.7R4 allows a local authenticated attacker to escalate their privileges.", }, ], value: "Insufficiently restrictive permissions in Ivanti Secure Access Client before 22.7R4 allows a local authenticated attacker to escalate their privileges.", }, ], impacts: [ { capecId: "CAPEC-233", descriptions: [ { lang: "en", value: "CAPEC-233 Privilege Escalation", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-732", description: "CWE-732 Incorrect Permission Assignment for Critical Resource", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-11T14:11:30.497Z", orgId: "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", shortName: "ivanti", }, references: [ { 
url: "https://forums.ivanti.com/s/article/March-Security-Advisory-Ivanti-Secure-Access-Client-ISAC-CVE-2025-22454", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", assignerShortName: "ivanti", cveId: "CVE-2025-22454", datePublished: "2025-03-11T14:11:30.497Z", dateReserved: "2025-01-07T02:19:22.796Z", dateUpdated: "2025-03-12T04:00:43.923Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-9843
Vulnerability from cvelistv5
Published: 2024-11-12 16:13
Modified: 2024-11-12 17:21
Summary
A buffer over-read in Ivanti Secure Access Client before 22.7R4 allows a local unauthenticated attacker to cause a denial of service.
References
Impacted products
Vendor | Product | Version
---|---|---
Ivanti | Secure Access Client | Patch: 22.7R4
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:a:ivanti:secure_access_client:*:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "secure_access_client", vendor: "ivanti", versions: [ { status: "affected", version: "22.7r4", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2024-9843", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-12T17:20:52.456914Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-12T17:21:52.651Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "affected", product: "Secure Access Client", vendor: "Ivanti", versions: [ { status: "unaffected", version: "22.7R4", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<span style=\"background-color: rgb(255, 255, 255);\">A buffer over-read in Ivanti Secure Access Client before 22.7R4 allows a local unauthenticated attacker to cause a denial of service.</span><span style=\"background-color: rgb(255, 255, 255);\"> </span>", }, ], value: "A buffer over-read in Ivanti Secure Access Client before 22.7R4 allows a local unauthenticated attacker to cause a denial of service.", }, ], impacts: [ { capecId: "CAPEC-10", descriptions: [ { lang: "en", value: "CAPEC-10 Buffer Overflow via Environment Variables", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: 
"CWE-126", description: "CWE-126: Buffer Over-read", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-11-12T16:13:09.060Z", orgId: "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", shortName: "ivanti", }, references: [ { url: "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", assignerShortName: "ivanti", cveId: "CVE-2024-9843", datePublished: "2024-11-12T16:13:09.060Z", dateReserved: "2024-10-10T20:57:44.133Z", dateUpdated: "2024-11-12T17:21:52.651Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-38041
Vulnerability from cvelistv5
Published: 2023-10-25 00:24
Modified: 2025-03-07 18:23
Summary
A logged in user may elevate its permissions by abusing a Time-of-Check to Time-of-Use (TOCTOU) race condition. When a particular process flow is initiated, an attacker can exploit this condition to gain unauthorized elevated privileges on the affected system.
References
Impacted products
Vendor | Product | Version
---|---|---
Ivanti | Secure Access Client | Version: 22.6R1 ≤
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T17:30:13.558Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://forums.ivanti.com/s/article/CVE-2023-38041-New-client-side-release-to-address-a-privilege-escalation-on-Windows-user-machines?language=en_US", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-38041", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-03-06T15:26:53.339826Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-367", description: "CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-07T18:23:51.147Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "Secure Access Client", vendor: "Ivanti", versions: [ { lessThan: "22.6R1", status: "affected", version: "22.6R1", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "A logged in user may elevate its permissions by abusing a Time-of-Check to Time-of-Use (TOCTOU) race condition. 
When a particular process flow is initiated, an attacker can exploit this condition to gain unauthorized elevated privileges on the affected system.", }, ], metrics: [ { cvssV3_0: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], providerMetadata: { dateUpdated: "2023-10-25T00:24:34.090Z", orgId: "36234546-b8fa-4601-9d6f-f4e334aa8ea1", shortName: "hackerone", }, references: [ { url: "https://forums.ivanti.com/s/article/CVE-2023-38041-New-client-side-release-to-address-a-privilege-escalation-on-Windows-user-machines?language=en_US", }, ], }, }, cveMetadata: { assignerOrgId: "36234546-b8fa-4601-9d6f-f4e334aa8ea1", assignerShortName: "hackerone", cveId: "CVE-2023-38041", datePublished: "2023-10-25T00:24:34.090Z", dateReserved: "2023-07-12T01:00:11.881Z", dateUpdated: "2025-03-07T18:23:51.147Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-37398
Vulnerability from cvelistv5
Published: 2024-11-13 01:54
Modified: 2025-03-13 17:50
Summary
Insufficient validation in Ivanti Secure Access Client before 22.7R4 allows a local authenticated attacker to escalate their privileges.
References
Impacted products
Vendor | Product | Version
---|---|---
Ivanti | Secure Access Client | Version: 22.7R4 < 22.7R4
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:a:ivanti:secure_access_client:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "secure_access_client", vendor: "ivanti", versions: [ { lessThan: "22.7_r4", status: "affected", version: "0", versionType: "custom", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2024-37398", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-13T16:45:06.053110Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { description: "CWE-noinfo Not enough information", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-13T17:50:08.929Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "Secure Access Client", vendor: "Ivanti", versions: [ { lessThan: "22.7R4", status: "affected", version: "22.7R4", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Insufficient validation in Ivanti Secure Access Client before 22.7R4 allows a local authenticated attacker to escalate their privileges.", }, ], metrics: [ { cvssV3_0: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], providerMetadata: { dateUpdated: "2024-11-13T01:54:45.406Z", orgId: "36234546-b8fa-4601-9d6f-f4e334aa8ea1", shortName: "hackerone", }, references: [ { url: "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs", }, ], }, }, cveMetadata: { assignerOrgId: "36234546-b8fa-4601-9d6f-f4e334aa8ea1", assignerShortName: "hackerone", cveId: "CVE-2024-37398", datePublished: "2024-11-13T01:54:45.406Z", dateReserved: "2024-06-08T01:04:07.093Z", dateUpdated: "2025-03-13T17:50:08.929Z", state: "PUBLISHED", }, dataType: 
"CVE_RECORD", dataVersion: "5.1", }