Privilege Escalation in Ivanti WorkSpace Control Affecting Certain User Registries
CVE-2019-17066

7.8HIGH

Key Information:

Vendor: Ivanti
Status: Workspace Control
Vendor: CVE Published:; 18 May 2020

Summary

Prior to version 10.4.40.0, Ivanti WorkSpace Control is susceptible to privilege escalation due to a flaw in the way the application manages user registry hives. Specifically, the component pwrgrid.exe improperly checks the Current User registry hives (HKCU) when initializing applications with elevated rights. As a result, a locally authenticated user with limited privileges may exploit this oversight to hijack specific user registry entries and gain administrative privileges on the system.

References

https://forums.ivanti.com/s/article/A-locally-authenticat...

x_refsource_CONFIRM

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
May 18, 2020
Vulnerability Reserved
Oct 1, 2019