Vulnerabilities > Ivanti > Secure Access Client
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-13 | CVE-2024-29211 | Race Condition vulnerability in Ivanti Secure Access Client A race condition in Ivanti Secure Access Client before version 22.7R4 allows a local authenticated attacker to modify sensitive configuration files. | 4.7 |
| 2024-11-13 | CVE-2024-37398 | Unspecified vulnerability in Ivanti Secure Access Client Insufficient validation in Ivanti Secure Access Client before 22.7R4 allows a local authenticated attacker to escalate their privileges. | 7.8 |
| 2024-11-12 | CVE-2024-7571 | Unspecified vulnerability in Ivanti Secure Access Client Incorrect permissions in Ivanti Secure Access Client before 22.7R4 allows a local authenticated attacker to escalate their privileges. | 7.8 |
| 2024-11-12 | CVE-2024-8539 | Unspecified vulnerability in Ivanti Secure Access Client Improper authorization in Ivanti Secure Access Client before version 22.7R3 allows a local authenticated attacker to modify sensitive configuration files. | 7.1 |
| 2024-11-12 | CVE-2024-9842 | Incorrect Permission Assignment for Critical Resource vulnerability in Ivanti Secure Access Client Incorrect permissions in Ivanti Secure Access Client before version 22.7R4 allows a local authenticated attacker to create arbitrary folders. | 3.3 |
| 2024-11-12 | CVE-2024-9843 | Out-of-bounds Read vulnerability in Ivanti Secure Access Client A buffer over-read in Ivanti Secure Access Client before 22.7R4 allows a local unauthenticated attacker to cause a denial of service. | 5.5 |
| 2023-11-15 | CVE-2023-35080 | Unspecified vulnerability in Ivanti Secure Access Client A vulnerability has been identified in the Ivanti Secure Access Windows client, which could allow a locally authenticated attacker to exploit a vulnerable configuration, potentially leading to various security risks, including the escalation of privileges, denial of service, or information disclosure. | 7.8 |
| 2023-11-15 | CVE-2023-38043 | Unspecified vulnerability in Ivanti Secure Access Client A vulnerability exists on all versions of the Ivanti Secure Access Client below 22.6R1.1, which could allow a locally authenticated attacker to exploit a vulnerable configuration, potentially leading to a denial of service (DoS) condition on the user machine and, in some cases, resulting in a full compromise of the system. | 7.8 |
| 2023-11-15 | CVE-2023-38543 | Unspecified vulnerability in Ivanti Secure Access Client A vulnerability exists on all versions of the Ivanti Secure Access Client below 22.6R1.1, which could allow a locally authenticated attacker to exploit a vulnerable configuration, potentially leading to a denial of service (DoS) condition on the user machine. | 7.8 |
| 2023-11-15 | CVE-2023-38544 | Unspecified vulnerability in Ivanti Secure Access Client 22.2/22.3 A logged in user can modify specific files that may lead to unauthorized changes in system-wide configuration settings. | 5.5 |