Shodan
Vulnerabilities
Vulnerable Software
Ivanti:  Security Vulnerabilities
CVE-2024-10630
A race condition in Ivanti Application Control Engine before version 10.14.4.0 allows a local authenticated attacker to bypass the application blocking functionality.
CVSS Score
7.8
EPSS Score
0.001
Published
2025-01-14
CVE-2025-0282
Known exploited
A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2, and Ivanti Neurons for ZTA gateways before version 22.7R2.3 allows a remote unauthenticated attacker to achieve remote code execution.
CVSS Score
9.0
EPSS Score
0.933
Published
2025-01-08
CVE-2025-0283
A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2, and Ivanti Neurons for ZTA gateways before version 22.7R2.3 allows a local authenticated attacker to escalate their privileges.
CVSS Score
7.0
EPSS Score
0.001
Published
2025-01-08
CVE-2024-37401
An out-of-bounds read in IPsec of Ivanti Connect Secure before version 22.7R2.1 allows a remote unauthenticated attacker to cause a denial of service.
CVSS Score
7.5
EPSS Score
0.033
Published
2024-12-12
CVE-2024-37377
A heap-based buffer overflow in IPsec of Ivanti Connect Secure before version 22.7R2.3 allows a remote unauthenticated attacker to cause a denial of service.
CVSS Score
7.5
EPSS Score
0.007
Published
2024-12-12
CVE-2024-8496
Under specific circumstances, insecure permissions in Ivanti Workspace Control before version 10.18.40.0 allows a local authenticated attacker to achieve local privilege escalation.
CVSS Score
7.8
EPSS Score
0.001
Published
2024-12-11
CVE-2024-9845
Under specific circumstances, insecure permissions in Ivanti Automation before version 2024.4.0.1 allows a local authenticated attacker to achieve local privilege escalation.
CVSS Score
7.8
EPSS Score
0.001
Published
2024-12-11
CVE-2024-10251
Under specific circumstances, insecure permissions in Ivanti Security Controls before version 2024.4.1 allows a local authenticated attacker to achieve local privilege escalation.
CVSS Score
7.8
EPSS Score
0.001
Published
2024-12-11
CVE-2024-11597
Under specific circumstances, insecure permissions in Ivanti Performance Manager before version 2024.3 HF1, 2024.1 HF1, or 2023.3 HF1 allows a local authenticated attacker to achieve local privilege escalation.
CVSS Score
7.8
EPSS Score
0.001
Published
2024-12-11
CVE-2024-11598
Under specific circumstances, insecure permissions in Ivanti Application Control before version 2024.3 HF1, 2024.1 HF2, or 2023.3 HF3 allows a local authenticated attacker to achieve local privilege escalation.
CVSS Score
7.8
EPSS Score
0.001
Published
2024-12-11


Products
Pricing
Contact Us

Shodan ® - All rights reserved