Vulnerability Details CVE-2019-17066
In Ivanti WorkSpace Control before 10.4.40.0, a user can elevate rights on the system by hijacking certain user registries. This is possible because pwrgrid.exe first checks the Current User registry hives (HKCU) when starting an application with elevated rights.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 31.4%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 7.2
References
- https://forums.ivanti.com/s/article/A-locally-authenticated-user-with-low-privileges-can-acquire-admin-privileges-by-hijacking-certain-user-registry-entries
- https://forums.ivanti.com/s/article/A-locally-authenticated-user-with-low-privileges-can-acquire-admin-privileges-by-hijacking-certain-user-registry-entries
Products affected by CVE-2019-17066
-
cpe:2.3:a:ivanti:workspace_control:-
-
cpe:2.3:a:ivanti:workspace_control:10.1.0.0
-
cpe:2.3:a:ivanti:workspace_control:10.2.0.0
-
cpe:2.3:a:ivanti:workspace_control:10.2.0.1
-
cpe:2.3:a:ivanti:workspace_control:10.2.500.1
-
cpe:2.3:a:ivanti:workspace_control:10.2.600.1
-
cpe:2.3:a:ivanti:workspace_control:10.2.700.1
-
cpe:2.3:a:ivanti:workspace_control:10.2.800.0
-
cpe:2.3:a:ivanti:workspace_control:10.2.900.1
-
cpe:2.3:a:ivanti:workspace_control:10.2.950.0
-
cpe:2.3:a:ivanti:workspace_control:10.3.0.0
-
cpe:2.3:a:ivanti:workspace_control:10.3.10.0
-
cpe:2.3:a:ivanti:workspace_control:10.3.110.0
-
cpe:2.3:a:ivanti:workspace_control:10.3.180.0
-
cpe:2.3:a:ivanti:workspace_control:10.3.20.0
-
cpe:2.3:a:ivanti:workspace_control:10.3.30.0
-
cpe:2.3:a:ivanti:workspace_control:10.3.40.0
-
cpe:2.3:a:ivanti:workspace_control:10.3.50.0
-
cpe:2.3:a:ivanti:workspace_control:10.3.90.0
-
cpe:2.3:a:ivanti:workspace_control:10.4.30.0