Primary

Context

Ivanti Secure Access Client Privilege Escalation Vulnerability

Vulnerability

Patched

A privilege escalation vulnerability has been identified in Ivanti Secure Access Client (ISAC) for Windows, affecting versions through 22.7R3. The issue arises from insufficiently restrictive permissions, which allow a local authenticated attacker to escalate privileges.

Impact

Exploitation of this vulnerability could lead to unauthorized privilege escalation.

Remediation

Users can upgrade to Ivanti Secure Access Client versions 22.7R4 or 22.8R1. The download portal requires login.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

5.4

impact

5.0

exploitability

3.3

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

5.4

impact

5.0

exploitability

3.3

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Ivanti Secure Access Client Privilege Escalation Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Ivanti Secure Access Client

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating