Local Privilege Escalation Vulnerability Affects Ivanti Secure Access Client for Linux
CVE-2023-46810

7.3HIGH

Key Information:

Vendor: Ivanti
Status: Secure Access Linux
Vendor: CVE Published:; 31 May 2024

Summary

The Ivanti Secure Access Client for Linux prior to version 22.7R1 contains a local privilege escalation vulnerability that allows low privileged users to execute arbitrary code with root privileges. This security flaw poses significant risks, enabling potential unauthorized access and control over the system, which could lead to further exploits and data breaches. Users utilizing affected versions are advised to update promptly to mitigate exposure to this vulnerability.

Affected Version(s)

Secure Access Linux 22.7R1

References

https://forums.ivanti.com/s/article/Security-Advisory-May...

CVSS V3.1

Score:

7.3

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
May 31, 2024
Vulnerability Reserved
Oct 27, 2023

Collectors

NVD DatabaseMitre Database