Local Authenticated Attacker Can Escalate Privileges via Incorrect File Permissions

CVE-2024-39709

Currently unrated 🤨

Key Information

Vendor: Ivanti
Vendor: CVE Published:; 13 November 2024

Summary

Incorrect file permissions in Ivanti Connect Secure before version 22.6R2 and Ivanti Policy Secure before version 22.6R1 allow a local authenticated attacker to escalate their privileges.

Timeline

Vulnerability published.
Nov 13, 2024

Collectors

NVD Database