Privilege Escalation in Ivanti Secure Access Client by Ivanti
CVE-2026-7432

7.8HIGH

Key Information:

Vendor: Ivanti
Status: Secure Access Client
Vendor: CVE Published:; 12 May 2026

What is CVE-2026-7432?

A privilege escalation vulnerability exists in the Ivanti Secure Access Client due to a race condition that can be exploited by locally authenticated users. This flaw allows malicious users to elevate their privileges to that of the SYSTEM, potentially compromising system integrity and security. Users are advised to update to version 22.8R6 or later to mitigate this risk.

Affected Version(s)

Secure Access Client Windows 22.8R6

References

https://hub.ivanti.com/s/article/May-2026-Security-Adviso...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 12, 2026
Vulnerability Reserved
Apr 29, 2026

CVE-2026-7432 Data

JSON