Secure Access Client Security Vulnerabilities

CVE-2023-24491

A vulnerability has been discovered in the Citrix Secure Access client for Windows which, if exploited, could allow an attacker with access to an endpoint with a Standard User Account that has the vulnerable client installed to escalate their local privileges to that of NT AUTHORITY\SYSTEM.

CVSS: 7.8 | AI Score: 7.5 | EPSS: 0.0004

2023-07-11 10:15 PM
26
CVE-2023-24492

A vulnerability has been discovered in the Citrix Secure Access client for Ubuntu which, if exploited, could allow an attacker to remotely execute code if a victim user opens an attacker-crafted link and accepts further prompts.

CVSS: 9.6 | AI Score: 8.6 | EPSS: 0.002

2023-07-11 10:15 PM
39
CVE-2023-35080

A vulnerability has been identified in the Ivanti Secure Access Windows client, which could allow a locally authenticated attacker to exploit a vulnerable configuration, potentially leading to various security risks, including the escalation of privileges, denial of service, or information disclosu...

CVSS: 7.8 | AI Score: 8.4 | EPSS: 0.0004

2023-11-15 12:15 AM
17
CVE-2023-38041

A logged-in user may elevate their permissions by abusing a Time-of-Check to Time-of-Use (TOCTOU) race condition. When a particular process flow is initiated, an attacker can exploit this condition to gain unauthorized elevated privileges on the affected system.

CVSS: 7 | AI Score: 7.6 | EPSS: 0.0004

2023-10-25 06:17 PM
29
CVE-2023-38043

A vulnerability exists on all versions of the Ivanti Secure Access Client below 22.6R1.1, which could allow a locally authenticated attacker to exploit a vulnerable configuration, potentially leading to a denial of service (DoS) condition on the user machine and, in some cases, resulting in a full ...

CVSS: 7.8 | AI Score: 8.2 | EPSS: 0.0004

2023-11-15 12:15 AM
8
CVE-2023-38543

A vulnerability exists on all versions of the Ivanti Secure Access Client below 22.6R1.1, which could allow a locally authenticated attacker to exploit a vulnerable configuration, potentially leading to a denial of service (DoS) condition on the user machine.

CVSS: 7.8 | AI Score: 8.2 | EPSS: 0.0004

2023-11-15 12:15 AM
10
CVE-2023-38544

A logged-in user can modify specific files, which may lead to unauthorized changes in system-wide configuration settings. This vulnerability could be exploited to compromise the integrity and security of the network on the affected system.

CVSS: 5.5 | AI Score: 5.2 | EPSS: 0.0004

2023-11-15 12:15 AM
4
CVE-2023-41718

When a particular process flow is initiated, an attacker who has control over a specific file may be able to gain unauthorized elevated privileges on the affected system.

CVSS: 7.8 | AI Score: 7.6 | EPSS: 0.0004

2023-11-15 12:15 AM
7