Shodan
Vulnerabilities
Vulnerable Software
Ivanti:  >> Secure Access Client  >> 22.5  Security Vulnerabilities
CVE-2024-13813
Insufficient permissions in Ivanti Secure Access Client before version 22.8R1 allows a local authenticated attacker to delete arbitrary files.
CVSS Score
7.1
EPSS Score
0.0
Published
2025-02-11
CVE-2024-37398
Insufficient validation in Ivanti Secure Access Client before 22.7R4 allows a local authenticated attacker to escalate their privileges.
CVSS Score
7.8
EPSS Score
0.001
Published
2024-11-13
CVE-2024-29211
A race condition in Ivanti Secure Access Client before version 22.7R4 allows a local authenticated attacker to modify sensitive configuration files.
CVSS Score
7.1
EPSS Score
0.001
Published
2024-11-13
CVE-2024-8539
Improper authorization in Ivanti Secure Access Client before version 22.7R3 allows a local authenticated attacker to modify sensitive configuration files.
CVSS Score
7.1
EPSS Score
0.001
Published
2024-11-12
CVE-2024-9842
Incorrect permissions in Ivanti Secure Access Client before version 22.7R4 allows a local authenticated attacker to create arbitrary folders.
CVSS Score
7.3
EPSS Score
0.001
Published
2024-11-12
CVE-2024-9843
A buffer over-read in Ivanti Secure Access Client before 22.7R4 allows a local unauthenticated attacker to cause a denial of service.
CVSS Score
5.0
EPSS Score
0.0
Published
2024-11-12
CVE-2024-7571
Incorrect permissions in Ivanti Secure Access Client before 22.7R4 allows a local authenticated attacker to escalate their privileges.
CVSS Score
7.8
EPSS Score
0.001
Published
2024-11-12
CVE-2023-38543
A vulnerability exists on all versions of the Ivanti Secure Access Client below 22.6R1.1, which could allow a locally authenticated attacker to exploit a vulnerable configuration, potentially leading to a denial of service (DoS) condition on the user machine.
CVSS Score
8.8
EPSS Score
0.002
Published
2023-11-15
CVE-2023-35080
A vulnerability has been identified in the Ivanti Secure Access Windows client, which could allow a locally authenticated attacker to exploit a vulnerable configuration, potentially leading to various security risks, including the escalation of privileges, denial of service, or information disclosure.
CVSS Score
8.8
EPSS Score
0.006
Published
2023-11-15
CVE-2023-38043
A vulnerability exists on all versions of the Ivanti Secure Access Client below 22.6R1.1, which could allow a locally authenticated attacker to exploit a vulnerable configuration, potentially leading to a denial of service (DoS) condition on the user machine and, in some cases, resulting in a full compromise of the system.
CVSS Score
8.8
EPSS Score
0.003
Published
2023-11-15


Products
Pricing
Contact Us

Shodan ® - All rights reserved