Ivanti Application Control Engine Race Condition Vulnerability Allowing Application Blocking Bypass

A race condition vulnerability has been identified in Ivanti Application Control Engine versions prior to 10.14.4.0. This vulnerability allows a local authenticated attacker to bypass the application's blocking functionality, potentially leading to unauthorized actions or access within the application.

Impact

Exploitation of this vulnerability allows for bypassing application blocking features, which could lead to unauthorized execution of applications or processes that are normally restricted.

Remediation

Users of Ivanti Application Control should upgrade to versions 2024.3 HF1, 2024.1 HF2, or 2023.3 HF3. For those using Ivanti Security Controls Application Control Module, no patch will be issued, and it is recommended to migrate to Ivanti Application Control or Ivanti Neurons for App Control. Customers using Ivanti Neurons for App Control have already been updated as of December 12, 2024. Ivanti Endpoint Manager users who have integrated with Ivanti Application Control will need to obtain the latest version of the software (10.14.4.0) to import for use with the Privilege Management plugin.