7 matches found
CVE-2023-38041
A logged in user may elevate its permissions by abusing a Time-of-Check to Time-of-Use TOCTOU race condition. When a particular process flow is initiated, an attacker can exploit this condition to gain unauthorized elevated privileges on the affected system...
CVE-2023-38041
A logged in user may elevate its permissions by abusing a Time-of-Check to Time-of-Use TOCTOU race condition. When a particular process flow is initiated, an attacker can exploit this condition to gain unauthorized elevated privileges on the affected system...
CVE-2023-38041
A logged in user may elevate its permissions by abusing a Time-of-Check to Time-of-Use TOCTOU race condition. When a particular process flow is initiated, an attacker can exploit this condition to gain unauthorized elevated privileges on the affected system...
CVE-2023-38041
A logged in user may elevate its permissions by abusing a Time-of-Check to Time-of-Use TOCTOU race condition. When a particular process flow is initiated, an attacker can exploit this condition to gain unauthorized elevated privileges on the affected system...
CVE-2023-38041
CVE-2023-38041 affects Ivanti Secure Access Client prior to 22.6R1. A local unprivileged user can elevate privileges via a TOCTOU race in a specific process flow, enabling unauthorized elevated access on the system. The Ivanti forum entry provides a remediation: upgrade to version 22.6R1. The CVS...
CVE-2023-38041
A logged in user may elevate its permissions by abusing a Time-of-Check to Time-of-Use TOCTOU race condition. When a particular process flow is initiated, an attacker can exploit this condition to gain unauthorized elevated privileges on the affected system...
CVE-2023-38041 New client side release to address a privilege escalation on Windows user machines
Summary A vulnerability exists on all versions of the Ivanti Secure Access Client Below 22.6R1 that would allow an unprivileged local user to gain unauthorized elevated privileges on the affected system. Mitigation Currently None Resoluiton To resolve the below mentioned vulnerability upgrade you...