Ivanti

Secure Access Client

18 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2025-22454

  • EPSS 0.13%
  • Published 11.03.2025 14:11:30
  • Last modified 16.07.2025 15:25:26

Insufficiently restrictive permissions in Ivanti Secure Access Client before 22.7R4 allows a local authenticated attacker to escalate their privileges.

7.1

CVE-2024-13813

  • EPSS 0.07%
  • Published 11.02.2025 16:15:39
  • Last modified 20.02.2025 15:56:04

Insufficient permissions in Ivanti Secure Access Client before version 22.8R1 allows a local authenticated attacker to delete arbitrary files.

4.4

CVE-2024-38654

  • EPSS 0.05%
  • Published 13.11.2024 02:15:18
  • Last modified 27.06.2025 18:45:18

Improper bounds checking in Ivanti Secure Access Client before version 22.7R3 allows a local authenticated attacker with admin privileges to cause a denial of service.

7.8

CVE-2024-37398

  • EPSS 0.11%
  • Published 13.11.2024 02:15:18
  • Last modified 18.11.2024 15:23:23

Insufficient validation in Ivanti Secure Access Client before 22.7R4 allows a local authenticated attacker to escalate their privileges.

4.7

CVE-2024-29211

  • EPSS 0.1%
  • Published 13.11.2024 02:15:16
  • Last modified 14.11.2024 19:09:01

A race condition in Ivanti Secure Access Client before version 22.7R4 allows a local authenticated attacker to modify sensitive configuration files.

5.5

CVE-2024-9843

  • EPSS 0.03%
  • Published 12.11.2024 17:15:11
  • Last modified 17.01.2025 20:00:21

A buffer over-read in Ivanti Secure Access Client before 22.7R4 allows a local unauthenticated attacker to cause a denial of service.

3.3

CVE-2024-9842

  • EPSS 0.11%
  • Published 12.11.2024 17:15:11
  • Last modified 17.01.2025 19:55:48

Incorrect permissions in Ivanti Secure Access Client before version 22.7R4 allows a local authenticated attacker to create arbitrary folders.

7.1

CVE-2024-8539

  • EPSS 0.11%
  • Published 12.11.2024 17:15:11
  • Last modified 17.01.2025 20:02:50

Improper authorization in Ivanti Secure Access Client before version 22.7R3 allows a local authenticated attacker to modify sensitive configuration files.

7.8

CVE-2024-7571

  • EPSS 0.14%
  • Published 12.11.2024 17:15:10
  • Last modified 17.01.2025 19:45:37

Incorrect permissions in Ivanti Secure Access Client before 22.7R4 allows a local authenticated attacker to escalate their privileges.

7.3

CVE-2023-46810

  • EPSS 0.09%
  • Published 31.05.2024 18:15:09
  • Last modified 13.03.2025 22:15:13

A local privilege escalation vulnerability in Ivanti Secure Access Client for Linux before 22.7R1, allows a low privileged user to execute code as root.