179 matches found
CVE-2025-22463
A hardcoded key in Ivanti Workspace Control before version 10.19.10.0 allows a local authenticated attacker to decrypt the stored environment password...
CVE-2025-22455
A hardcoded key in Ivanti Workspace Control before version 10.19.0.0 allows a local authenticated attacker to decrypt stored SQL credentials...
CVE-2025-22455
A hardcoded key in Ivanti Workspace Control before version 10.19.0.0 allows a local authenticated attacker to decrypt stored SQL credentials...
CVE-2025-22455
Ivanti Workspace Control is affected by CVE-2025-22455 due to a hardcoded key that can allow a local authenticated attacker to decrypt stored SQL credentials. The vulnerability concerns versions before 10.19.0.0 (per initial CVE description) with broader remediation references indicating fixes fo...
Security Advisory Ivanti Workspace Control (CVE-2025-5353, CVE- CVE-2025-22463, CVE-2025-22455)
Summary Ivanti has released updates for Ivanti Workspace Control which address three high severity vulnerabilities. Successful exploitation could lead to credential compromise. We are not aware of any customers being exploited by these vulnerabilities at the time of disclosure. Vulnerability...
Ivanti Workspace Control 安全漏洞
Ivanti Workspace Control is a suite of workspace control software from Ivanti USA. The software includes features such as user management, application management and report management. A security vulnerability exists in Ivanti Workspace Control versions prior to 10.19.10.0, which stems from a...
PT-2025-24665 · Ivanti · Ivanti Workspace Control
Name of the Vulnerable Software and Affected Versions: Ivanti Workspace Control versions prior to 10.19.10.0 Description: A hardcoded key in the software allows a local authenticated attacker to decrypt the stored environment password. This issue enables an attacker with local access to potential...
PT-2025-24664 · Ivanti · Ivanti Workspace Control
Name of the Vulnerable Software and Affected Versions: Ivanti Workspace Control versions prior to 10.19.0.0 Description: A hardcoded key in the software allows a local authenticated attacker to decrypt stored SQL credentials. Recommendations: For versions prior to 10.19.0.0, update to version...
PT-2025-24669 · Ivanti · Ivanti Workspace Control
Name of the Vulnerable Software and Affected Versions: Ivanti Workspace Control versions prior to 10.19.10.0 Description: A hardcoded key in the software allows a local authenticated attacker to decrypt stored SQL credentials. Recommendations: For versions prior to 10.19.10.0, update to version...
Ivanti Workspace Control 安全漏洞
Ivanti Workspace Control is a suite of workspace control software from Ivanti USA. The software includes features such as user management, application management and report management. A security vulnerability exists in Ivanti Workspace Control versions prior to 10.19.10.0, which stems from a...
Ivanti Workspace Control 安全漏洞
Ivanti Workspace Control is a suite of workspace control software from Ivanti USA. The software includes features such as user management, application management and report management. A security vulnerability exists in Ivanti Workspace Control prior to version 10.19.0.0, which stems from a...
CVE-2022-21823
A insecure storage of sensitive information vulnerability exists in Ivanti Workspace Control 2021.2 10.7.30.0 that could allow an attacker with locally authenticated low privileges to obtain key information due to an unspecified attack vector...
CVE-2021-36235
An issue was discovered in Ivanti Workspace Control before 10.6.30.0. A locally authenticated user with low privileges can bypass File and Folder Security by leveraging an unspecified attack vector. As a result, the attacker can start applications with elevated privileges...
CVE-2020-11533
Ivanti Workspace Control before 10.4.30.0, when SCCM integration is enabled, allows local users to obtain sensitive information keying material...
CVE-2019-19675
In Ivanti Workspace Control before 10.3.180.0. a locally authenticated user with low privileges can bypass Managed Application Security by leveraging an unspecified attack vector in Workspace Preferences, when it is enabled. As a result, the attacker can start applications that should be blocked...
CVE-2019-19138
Ivanti Workspace Control before 10.4.50.0 allows attackers to degrade integrity...
CVE-2019-10885
An issue was discovered in Ivanti Workspace Control before 10.3.90.0. Local authenticated users with low privileges in a Workspace Control managed session can bypass Workspace Control security features configured for this session by resetting the session context...
CVE-2019-16382
An issue was discovered in Ivanti Workspace Control 10.3.110.0. One is able to bypass Ivanti's FileGuard folder protection by renaming the WMTemp work folder used by PowerGrid. A malicious PowerGrid XML file can then be created, after which the folder is renamed back to its original value. Also,...
CVE-2024-44106
Insufficient server-side controls in the management console of Ivanti Workspace Control before version 2025.2 10.19.0.0 allows a local authenticated attacker to escalate their privileges...
CVE-2024-44104
An incorrectly implemented authentication scheme that is subjected to a spoofing attack in the management console of Ivanti Workspace Control before version 2025.2 10.19.0.0 allows a local authenticated attacker to escalate their privileges...