Primary

Context

Ivanti Endpoint Manager Privilege Escalation Vulnerability

Vulnerability

Patched

A privilege escalation vulnerability has been identified in the agent of Ivanti Endpoint Manager, affecting versions through 2024 SU5. This vulnerability allows a local authenticated attacker to escalate privileges due to incorrect permissions assignment.

Impact

Exploitation of this vulnerability could lead to unauthorized privilege escalation, allowing an attacker to gain elevated rights or access within the system.

Remediation

Users can update to Ivanti Endpoint Manager 2024 SU6 to address this vulnerability. The update is available through the Ivanti License System (ILS).

Added: May 12, 2026, 3:23 PM

Updated: May 12, 2026, 3:23 PM

Vulnerability Rating

Custom Algorithm

spread

4.5

impact

7.5

exploitability

3.5

remediation

7.7

relevance

8.1

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

4.5

impact

7.5

exploitability

3.5

remediation

7.7

relevance

8.1

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Ivanti Endpoint Manager Privilege Escalation Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Ivanti Endpoint Manager

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating