cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-29211,https://securityvulnerability.io/vulnerability/CVE-2024-29211,Attackers Can Modify Sensitive Configuration Files via Race Condition in Ivanti Secure Access Client,"A vulnerability exists within the Ivanti Secure Access Client due to a race condition that enables local authenticated attackers to alter critical configuration files. This could lead to the unauthorized modification of settings essential for security and functionality, thereby compromising system integrity and security policies.",Ivanti,Secure Access Client,4.7,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-11-13T02:15:00.000Z,0
CVE-2024-37398,https://securityvulnerability.io/vulnerability/CVE-2024-37398,Vulnerability in Ivanti Secure Access Client Could Allow Privilege Escalation,The vulnerability exists due to insufficient validation in the Ivanti Secure Access Client prior to version 22.7R4. A local authenticated attacker may exploit this flaw to escalate their privileges within the application environment. This vulnerability highlights the importance of robust validation mechanisms and timely updates to enhance security posture and protect sensitive information.,Ivanti,Secure Access Client,7.8,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-11-13T02:15:00.000Z,0
CVE-2024-9843,https://securityvulnerability.io/vulnerability/CVE-2024-9843,Buffer Over-read Vulnerability in Ivanti Secure Access Client,"A vulnerability in Ivanti Secure Access Client allows for a buffer over-read, which could be exploited by a local unauthenticated attacker. This may lead to a denial of service, affecting the availability and functionality of the application. Users utilizing versions of Ivanti Secure Access Client prior to 22.7R4 should take necessary measures to mitigate potential exposure to this vulnerability.",Ivanti,Secure Access Client,5.5,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-11-12T17:15:00.000Z,0
CVE-2024-7571,https://securityvulnerability.io/vulnerability/CVE-2024-7571,Privilege Escalation Flaw in Ivanti Secure Access Client Software,"A vulnerability exists in the Ivanti Secure Access Client that allows a local authenticated attacker to exploit incorrect permissions and escalate their privileges. This flaw affects versions prior to 22.7R4, potentially compromising the security of the system and allowing unauthorized access to critical resources.",Ivanti,Secure Access Client,7.8,HIGH,0.0004900000058114529,false,,false,false,false,,,false,false,,2024-11-12T17:15:00.000Z,0
CVE-2024-8539,https://securityvulnerability.io/vulnerability/CVE-2024-8539,Improper Authorization in Ivanti Secure Access Client Leading to Configuration File Alterations,"A vulnerability has been identified in the Ivanti Secure Access Client that affects versions prior to 22.7R3. This flaw allows a local authenticated attacker to gain unauthorized access to modify sensitive configuration files, potentially leading to unauthorized data manipulation and access control issues. Organizations using affected versions should take immediate action to upgrade to the latest version to mitigate this security risk.",Ivanti,Secure Access Client,7.1,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-11-12T17:15:00.000Z,0
CVE-2024-9842,https://securityvulnerability.io/vulnerability/CVE-2024-9842,Permissions Flaw in Ivanti Secure Access Client,"The Ivanti Secure Access Client prior to version 22.7R4 exhibits a permissions issue that enables a local authenticated attacker to create arbitrary folders within the application’s directory, potentially compromising system integrity and user data. This vulnerability underscores the necessity for users to update their software to the latest version to mitigate the risk.",Ivanti,Secure Access Client,3.3,LOW,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-11-12T17:15:00.000Z,0
CVE-2023-38042,https://securityvulnerability.io/vulnerability/CVE-2023-38042,Local Privilege Escalation Vulnerability Affects Ivanti Secure Access Client for Windows,"A vulnerability found in the Ivanti Secure Access Client for Windows poses a serious risk by allowing low privileged users to execute arbitrary code with SYSTEM level privileges. This local privilege escalation flaw can lead to unauthorized access, potential data breaches, and the execution of malicious code within the affected environment. Organizations using the Ivanti Secure Access Client are urged to review their security measures and apply the necessary updates to prevent potential exploitation.",Ivanti,Secure Access Client,7.8,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-05-31T17:38:31.427Z,0
CVE-2023-35080,https://securityvulnerability.io/vulnerability/CVE-2023-35080,Local Authentication Flaw in Ivanti Secure Access Windows Client,"A security vulnerability has been discovered in the Ivanti Secure Access Windows Client, where a locally authenticated attacker could exploit a vulnerable configuration. This flaw poses significant risks, including the potential for privilege escalation, denial of service, and unauthorized information disclosure. Organizations utilizing the Ivanti Secure Access Windows Client should remain vigilant and ensure they are using the updated versions to mitigate these security issues.",Ivanti,Secure Access Client,7.8,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2023-11-15T00:15:00.000Z,0
CVE-2023-38543,https://securityvulnerability.io/vulnerability/CVE-2023-38543,Denial of Service Vulnerability in Ivanti Secure Access Client,"The Ivanti Secure Access Client is vulnerable to a configuration issue that allows an authenticated local attacker to trigger a denial of service condition. This vulnerability impacts all versions prior to 22.6R1.1, potentially disrupting the functionality of the user’s machine. It's essential for users to upgrade to the latest version to mitigate this security risk.",Ivanti,Secure Access Client Windows,8.8,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2023-11-15T00:15:00.000Z,0
CVE-2023-38043,https://securityvulnerability.io/vulnerability/CVE-2023-38043,Vulnerability in Ivanti Secure Access Client Could Lead to Denial of Service and System Compromise,"A vulnerability exists in the Ivanti Secure Access Client that affects all versions below 22.6R1.1, allowing a locally authenticated attacker to exploit misconfigurations. This exploitation could result in a denial of service (DoS) condition on the affected machine, and in certain scenarios, it can facilitate a complete system compromise. Users of the Ivanti Secure Access Client are advised to upgrade to the latest version to mitigate potential risks and secure their systems.",Ivanti,Secure Access Client Windows,7.8,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2023-11-15T00:15:00.000Z,0
CVE-2023-38041,https://securityvulnerability.io/vulnerability/CVE-2023-38041,Privilege Escalation Vulnerability in Ivanti Endpoint Manager,"A logged-in user can exploit a Time-of-Check to Time-of-Use (TOCTOU) race condition in Ivanti Endpoint Manager, allowing them to elevate their privileges illegitimately. This vulnerability permits an attacker to initiate a process flow that, if timed correctly, circumvents built-in security measures, resulting in unauthorized access to system resources.",Ivanti,Secure Access Client,7,HIGH,0.0004299999854993075,false,,false,false,true,2024-02-25T17:09:17.000Z,true,false,false,,2023-10-25T00:24:34.090Z,0