Local Admin Can Cause DoS via Improper Bounds Checking
CVE-2024-38654

Currently unrated

Key Information:

Vendor: Ivanti
Status: Secure Access Client
Vendor: CVE Published:; 13 November 2024

What is CVE-2024-38654?

Improper bounds checking in Ivanti Secure Access Client before version 22.7R3 allows a local authenticated attacker with admin privileges to cause a denial of service.

References

https://forums.ivanti.com/s/article/Security-Advisory-Iva...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 13, 2024