Secure Access Client Security Vulnerabilities and Issues — Secure Access Client CVE List

Lucene search

IvantiSecure Access Client

10 matches found

CVE•added 2024/05/03 2:15 a.m.•47 views

CVE-2023-34298

Pulse Secure Client SetupService Directory Traversal Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Pulse Secure Client. An attacker must first obtain the ability to execute low-privileged code on the target sy...

7.8CVSS7.8AI score0.00085EPSS

CVE•added 2024/11/13 2:15 a.m.•44 views

CVE-2024-29211

A race condition in Ivanti Secure Access Client before version 22.7R4 allows a local authenticated attacker to modify sensitive configuration files.

7.1CVSS6.5AI score0.00089EPSS

CVE•added 2024/11/13 2:15 a.m.•44 views

CVE-2024-38654

Improper bounds checking in Ivanti Secure Access Client before version 22.7R3 allows a local authenticated attacker with admin privileges to cause a denial of service.

4.4CVSS6.7AI score0.0005EPSS

CVE•added 2024/05/31 6:15 p.m.•42 views

CVE-2023-38042

A local privilege escalation vulnerability in Ivanti Secure Access Client for Windows allows a low privileged user to execute code as SYSTEM.

7.8CVSS7.6AI score0.00139EPSS

CVE•added 2024/11/13 2:15 a.m.•41 views

CVE-2024-37398

Insufficient validation in Ivanti Secure Access Client before 22.7R4 allows a local authenticated attacker to escalate their privileges.

7.8CVSS6.9AI score0.00099EPSS

CVE•added 2024/11/12 5:15 p.m.•39 views

CVE-2024-7571

Incorrect permissions in Ivanti Secure Access Client before 22.7R4 allows a local authenticated attacker to escalate their privileges.

7.8CVSS6.8AI score0.00141EPSS

CVE•added 2024/11/12 5:15 p.m.•39 views

CVE-2024-9843

A buffer over-read in Ivanti Secure Access Client before 22.7R4 allows a local unauthenticated attacker to cause a denial of service.

5.5CVSS6.9AI score0.0003EPSS

CVE•added 2024/11/12 5:15 p.m.•37 views

CVE-2024-8539

Improper authorization in Ivanti Secure Access Client before version 22.7R3 allows a local authenticated attacker to modify sensitive configuration files.

7.1CVSS6.4AI score0.00115EPSS

CVE•added 2024/11/12 5:15 p.m.•35 views

CVE-2024-9842

Incorrect permissions in Ivanti Secure Access Client before version 22.7R4 allows a local authenticated attacker to create arbitrary folders.

7.3CVSS6.7AI score0.00108EPSS

CVE•added 2024/05/31 6:15 p.m.•33 views

CVE-2023-46810

A local privilege escalation vulnerability in Ivanti Secure Access Client for Linux before 22.7R1, allows a low privileged user to execute code as root.

7.3CVSS7.6AI score0.00088EPSS