cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-37398,https://securityvulnerability.io/vulnerability/CVE-2024-37398,Vulnerability in Ivanti Secure Access Client Could Allow Privilege Escalation,The vulnerability exists due to insufficient validation in the Ivanti Secure Access Client prior to version 22.7R4. A local authenticated attacker may exploit this flaw to escalate their privileges within the application environment. This vulnerability highlights the importance of robust validation mechanisms and timely updates to enhance security posture and protect sensitive information.,Ivanti,Secure Access Client,7.8,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2024-11-13T02:15:00.000Z,0
CVE-2024-29211,https://securityvulnerability.io/vulnerability/CVE-2024-29211,Attackers Can Modify Sensitive Configuration Files via Race Condition in Ivanti Secure Access Client,"A vulnerability exists within the Ivanti Secure Access Client due to a race condition that enables local authenticated attackers to alter critical configuration files. This could lead to the unauthorized modification of settings essential for security and functionality, thereby compromising system integrity and security policies.",Ivanti,Secure Access Client,4.7,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-11-13T02:15:00.000Z,0
CVE-2023-38042,https://securityvulnerability.io/vulnerability/CVE-2023-38042,Local Privilege Escalation Vulnerability Affects Ivanti Secure Access Client for Windows,"A vulnerability found in the Ivanti Secure Access Client for Windows poses a serious risk by allowing low privileged users to execute arbitrary code with SYSTEM level privileges. This local privilege escalation flaw can lead to unauthorized access, potential data breaches, and the execution of malicious code within the affected environment. Organizations using the Ivanti Secure Access Client are urged to review their security measures and apply the necessary updates to prevent potential exploitation.",Ivanti,Secure Access Client,7.8,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2024-05-31T17:38:31.427Z,0
CVE-2023-38043,https://securityvulnerability.io/vulnerability/CVE-2023-38043,Vulnerability in Ivanti Secure Access Client Could Lead to Denial of Service and System Compromise,"A vulnerability exists on all versions of the Ivanti Secure Access Client below 22.6R1.1, which could allow a locally authenticated attacker to exploit a vulnerable configuration, potentially leading to a denial of service (DoS) condition on the user machine and, in some cases, resulting in a full compromise of the system.",Ivanti,Secure Access Client Windows,7.8,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2023-11-15T00:15:00.000Z,0
CVE-2023-35080,https://securityvulnerability.io/vulnerability/CVE-2023-35080,,"A vulnerability has been identified in the Ivanti Secure Access Windows client, which could allow a locally authenticated attacker to exploit a vulnerable configuration, potentially leading to various security risks, including the escalation of privileges, denial of service, or information disclosure.",Ivanti,Secure Access Client,7.8,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2023-11-15T00:15:00.000Z,0
CVE-2023-38543,https://securityvulnerability.io/vulnerability/CVE-2023-38543,,"A vulnerability exists on all versions of the Ivanti Secure Access Client below 22.6R1.1, which could allow a locally authenticated attacker to exploit a vulnerable configuration, potentially leading to a denial of service (DoS) condition on the user machine.",Ivanti,Secure Access Client Windows,8.8,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2023-11-15T00:15:00.000Z,0
CVE-2023-38041,https://securityvulnerability.io/vulnerability/CVE-2023-38041,,"A logged in user may elevate its permissions by abusing a Time-of-Check to Time-of-Use (TOCTOU) race condition. When a particular process flow is initiated, an attacker can exploit this condition to gain unauthorized elevated privileges on the affected system.",Ivanti,Secure Access Client,7,HIGH,0.0004299999854993075,false,false,false,true,true,false,false,2023-10-25T00:24:34.090Z,0