Primary

Context

Ivanti Cloud Services Application Privilege Escalation Vulnerability

Vulnerability

Patched

A local authenticated attacker can escalate privileges in Ivanti Cloud Services Application versions through 5.0.4 due to default credentials. This vulnerability has been assigned a CVSS score of 7.8, indicating high severity.

Impact

Exploitation of this vulnerability allows for local privilege escalation, enabling an authenticated attacker to gain elevated rights within the application.

Remediation

Users should update to Ivanti Cloud Services Application version 5.0.5. However, it is important to note that the fix is not automatically applied when upgrading to this version. Customers should either perform a fresh installation of version 5.0.5 or follow the specific mitigation steps outlined in the Ivanti Security Advisory to properly apply the fix.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

5.0

exploitability

3.5

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

5.0

exploitability

3.5

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Ivanti Cloud Services Application Privilege Escalation Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Ivanti Cloud Services Application

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating