Folder Protection Bypass in Ivanti Workspace Control
CVE-2019-16382

9.8CRITICAL

Key Information:

Vendor: Ivanti
Status: Workspace Control
Vendor: CVE Published:; 19 March 2020

Summary

A security issue in Ivanti Workspace Control 10.3.110.0 allows attackers to bypass folder protection mechanisms. This is done by renaming the WMTemp work folder utilized by PowerGrid. Once the folder is renamed, a malicious PowerGrid XML file can be created, leading to further exploitation through the invocation of the /SEE parameter. This scenario not only circumvents Ivanti's FileGuard protections but also permits the execution of arbitrary commands from the manipulated XML file.

References

https://twitter.com/jmoosdijk

x_refsource_MISC

https://forums.ivanti.com/s/article/Security-Alert-Ivanti...

x_refsource_CONFIRM

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Mar 19, 2020
Vulnerability Reserved
Sep 17, 2019