CVE-2024-10256

🗓️ 10 Dec 2024 18:46:01Reported by ivantiType

Insufficient permissions in Ivanti Patch SDK allow file deletion by local authenticated attackers.

Reporter	Title	Published	Views	Family All 11
Circl	CVE-2024-10256	10 Dec 202419:28	–	circl
CNNVD	Ivanti Patch SDK 安全漏洞	10 Dec 202400:00	–	cnnvd
CNVD	Ivanti Patch SDK Permission Issues Vulnerability	23 Dec 202400:00	–	cnvd
Cvelist	CVE-2024-10256	10 Dec 202418:46	–	cvelist
EUVD	EUVD-2024-33494	3 Oct 202520:07	–	euvd
Ivanti	Security Advisory Ivanti Patch SDK (CVE-2024-10256)	10 Dec 202417:51	–	ivanti
NVD	CVE-2024-10256	10 Dec 202419:15	–	nvd
OSV	CVE-2024-10256	10 Dec 202419:15	–	osv
Positive Technologies	PT-2024-16139 · Ivanti · Ivanti Patch Sdk	10 Dec 202400:00	–	ptsecurity
RedhatCVE	CVE-2024-10256	5 Feb 202505:02	–	redhatcve

NVD

Vulners

Node

ivanti endpoint_managerMatch2022-

ivanti endpoint_managerMatch2022su1

ivanti endpoint_managerMatch2022su2

ivanti endpoint_managerMatch2022su3

ivanti endpoint_managerMatch2022su4

ivanti endpoint_managerMatch2022su5

ivanti endpoint_managerMatch2022su6

ivanti endpoint_managerMatch2024-

ivanti neurons_agent_platformRange<2024.4

ivanti neurons_for_patch_managementRange<2024.4

ivanti patch_for_configuration_managerRange<2024.4

ivanti patch_software_development_kitRange<9.7.703

ivanti security_controlsRange<2024.4

[
  {
    "defaultStatus": "affected",
    "product": "Patch SDK",
    "vendor": "Ivanti",
    "versions": [
      {
        "status": "unaffected",
        "version": "9.7.703"
      }
    ]
  },
  {
    "defaultStatus": "affected",
    "product": "Endpoint Manager",
    "vendor": "Ivanti",
    "versions": [
      {
        "status": "unaffected",
        "version": "2024 November Security Update",
        "versionType": "custom"
      },
      {
        "status": "unaffected",
        "version": "2022 SU6 November Security Update",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "affected",
    "product": "Security Controls",
    "vendor": "Ivanti",
    "versions": [
      {
        "status": "unaffected",
        "version": "2024.4",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "affected",
    "product": "Patch for Configuration Manager",
    "vendor": "Ivanti",
    "versions": [
      {
        "status": "unaffected",
        "version": "2024.4",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "affected",
    "product": "Neurons for Patch Management",
    "vendor": "Ivanti",
    "versions": [
      {
        "status": "unaffected",
        "version": "2024.4",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "affected",
    "product": "Neurons Agent Platform",
    "vendor": "Ivanti",
    "versions": [
      {
        "status": "unaffected",
        "version": "2024.4",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
forums	www.forums.ivanti.com/s/article/Security-Advisory-Ivanti-Patch-SDK-CVE-2024-10256

12 Aug 2025 19:04Current

6.8Medium risk

Vulners AI Score6.8

CVSS 3.17.1

EPSS0.00137

SSVC

CWE-732