142 matches found
February Security Advisory Ivanti Connect Secure (ICS),Ivanti Policy Secure (IPS) and Ivanti Secure Access Client (ISAC) (Multiple CVEs)
Summary Ivanti has released updates for Ivanti Connect Secure ICS,Ivanti Policy Secure IPS and Ivanti Secure Access Client ISAC which addresses medium, high and critical severity vulnerabilities. We are not aware of any customers being exploited by these vulnerabilities at the time of disclosure...
Ivanti Secure Access Client 安全漏洞
Ivanti Secure Access Client is a security software client developed by Ivanti, Inc. to enable remote secure access, supporting enterprise-class VPN connections and encrypted access to resources. Ivanti Secure Access Client suffers from a privilege issue vulnerability that can be exploited by an...
CVE-2024-7571
Incorrect permissions in Ivanti Secure Access Client before 22.7R4 allows a local authenticated attacker to escalate their privileges...
CVE-2024-29211
A race condition in Ivanti Secure Access Client before version 22.7R4 allows a local authenticated attacker to modify sensitive configuration files...
CVE-2024-37398
Insufficient validation in Ivanti Secure Access Client before 22.7R4 allows a local authenticated attacker to escalate their privileges...
CVE-2024-8539
Improper authorization in Ivanti Secure Access Client before version 22.7R3 allows a local authenticated attacker to modify sensitive configuration files...
The vulnerability of the VPN server in corporate networks of Ivanti Secure Access Client (formerly Pulse Secure Desktop Client) – related to synchronization errors when using a shared resource (“Race Situation”) – allows a hacker to modify confidential configuration files.
The vulnerability of the VPN server for corporate networks of Ivanti Secure Access Client ISAC, previously known as Pulse Secure Desktop Client, on Windows operating systems is related to synchronization errors when using a shared resource. Exploiting this vulnerability could allow an attacker to...
Ivanti Secure Access Client Elevation of Privilege Vulnerability
Ivanti Secure Access Client is a security software client developed by Ivanti, Inc. to enable remote secure access, supporting enterprise-class VPN connections and encrypted access to resources. An elevation of privilege vulnerability exists in Ivanti Secure Access Client, which stems from the...
Ivanti Secure Access Client Privilege Issue Vulnerability
Ivanti Secure Access Client is a security software client developed by Ivanti, Inc. that is primarily used to enable remote secure access with support for enterprise-class VPN connections and encrypted access to resources. Ivanti Secure Access Client is vulnerable to a privilege issue vulnerabili...
Ivanti Secure Access Client Improper Authorization Vulnerability
Ivanti Secure Access Client is a security software client developed by Ivanti, Inc. that is primarily used to enable remote secure access with support for enterprise-class VPN connections and encrypted access to resources. Ivanti Secure Access Client suffers from an improper authorization...
CVE-2024-37398
Insufficient validation in Ivanti Secure Access Client before 22.7R4 allows a local authenticated attacker to escalate their privileges...
CVE-2024-38654
Improper bounds checking in Ivanti Secure Access Client before version 22.7R3 allows a local authenticated attacker with admin privileges to cause a denial of service...
CVE-2024-29211
A race condition in Ivanti Secure Access Client before version 22.7R4 allows a local authenticated attacker to modify sensitive configuration files...
CVE-2024-37398
CVE-2024-37398 relates to Ivanti Secure Access Client. The issue is caused by insufficient input validation in the client before version 22.7R4, enabling a local authenticated attacker to escalate privileges (local, initial access via the client). The CVE is also observed in related Ivanti produc...
CVE-2024-38654
Improper bounds checking in Ivanti Secure Access Client before version 22.7R3 allows a local authenticated attacker with admin privileges to cause a denial of service...
CVE-2024-29211
A race condition in Ivanti Secure Access Client before version 22.7R4 allows a local authenticated attacker to modify sensitive configuration files...
CVE-2024-38654
CVE-2024-38654 affects Ivanti Secure Access Client prior to version 22.7R3. The issue is due to improper bounds checking (a buffer copy without size validation), which can be exploited by a local authenticated attacker with admin privileges to cause a denial of service. The coordinated remediatio...
CVE-2024-38654
Improper bounds checking in Ivanti Secure Access Client before version 22.7R3 allows a local authenticated attacker with admin privileges to cause a denial of service...
CVE-2024-37398
Insufficient validation in Ivanti Secure Access Client before 22.7R4 allows a local authenticated attacker to escalate their privileges...
Ivanti Secure Access Client 竞争条件问题漏洞
Ivanti Secure Access Client is a security software client developed by Ivanti, Inc. that is primarily used to enable remote secure access with support for enterprise-class VPN connections and encrypted access to resources. Ivanti Secure Access Client suffers from a competitive condition...