Search

Find a vulnerability

Search criteria

    44 vulnerabilities found for workspace_control by ivanti

    CVE-2025-5353 (GCVE-0-2025-5353)

    Vulnerability from nvd – Published: 2025-06-10 14:39 – Updated: 2026-02-26 17:51
    VLAI
    Summary
    A hardcoded key in Ivanti Workspace Control before version 10.19.10.0 allows a local authenticated attacker to decrypt stored SQL credentials.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-321 - Use of Hard-coded Cryptographic Key
    Assigner
    Impacted products
    Vendor Product Version
    Ivanti Workspace Control Unaffected: 10.19.10.0 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-5353",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-06-11T04:01:31.356009Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T17:51:03.827Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "Workspace Control",
              "vendor": "Ivanti",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "10.19.10.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "A hardcoded key in Ivanti Workspace Control before version 10.19.10.0 allows a local authenticated attacker to decrypt stored SQL credentials\u003cb\u003e.\u003c/b\u003e"
                }
              ],
              "value": "A hardcoded key in Ivanti Workspace Control before version 10.19.10.0 allows a local authenticated attacker to decrypt stored SQL credentials."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-37",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-37 Retrieve Embedded Sensitive Data"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-321",
                  "description": "CWE-321: Use of Hard-coded Cryptographic Key",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-10T14:39:34.206Z",
            "orgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
            "shortName": "ivanti"
          },
          "references": [
            {
              "url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Workspace-Control-CVE-2025-5353-CVE-CVE-2025-22463-CVE-2025-22455"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
        "assignerShortName": "ivanti",
        "cveId": "CVE-2025-5353",
        "datePublished": "2025-06-10T14:39:34.206Z",
        "dateReserved": "2025-05-30T08:39:00.490Z",
        "dateUpdated": "2026-02-26T17:51:03.827Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-22463 (GCVE-0-2025-22463)

    Vulnerability from nvd – Published: 2025-06-10 14:39 – Updated: 2026-02-26 17:51
    VLAI
    Summary
    A hardcoded key in Ivanti Workspace Control before version 10.19.10.0 allows a local authenticated attacker to decrypt the stored environment password.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-321 - Use of Hard-coded Cryptographic Key
    Assigner
    Impacted products
    Vendor Product Version
    Ivanti Workspace Control Unaffected: 10.19.10.0 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-22463",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-06-11T04:01:32.425429Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T17:51:04.123Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "Workspace Control",
              "vendor": "Ivanti",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "10.19.10.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA hardcoded key in Ivanti Workspace Control before version 10.19.10.0 allows a local authenticated attacker to decrypt the stored environment password.\u003c/span\u003e"
                }
              ],
              "value": "A hardcoded key in Ivanti Workspace Control before version 10.19.10.0 allows a local authenticated attacker to decrypt the stored environment password."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-37",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-37 Retrieve Embedded Sensitive Data"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-321",
                  "description": "CWE-321: Use of Hard-coded Cryptographic Key",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-10T14:39:06.714Z",
            "orgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
            "shortName": "ivanti"
          },
          "references": [
            {
              "url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Workspace-Control-CVE-2025-5353-CVE-CVE-2025-22463-CVE-2025-22455"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
        "assignerShortName": "ivanti",
        "cveId": "CVE-2025-22463",
        "datePublished": "2025-06-10T14:39:06.714Z",
        "dateReserved": "2025-01-07T02:19:22.797Z",
        "dateUpdated": "2026-02-26T17:51:04.123Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-22455 (GCVE-0-2025-22455)

    Vulnerability from nvd – Published: 2025-06-10 14:38 – Updated: 2026-02-26 17:51
    VLAI
    Summary
    A hardcoded key in Ivanti Workspace Control before version 10.19.0.0 allows a local authenticated attacker to decrypt stored SQL credentials.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-321 - Use of Hard-coded Cryptographic Key
    Assigner
    Impacted products
    Vendor Product Version
    Ivanti Workspace Control Unaffected: 10.19.0.0 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-22455",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-06-11T04:01:33.471922Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T17:51:04.844Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "Workspace Control",
              "vendor": "Ivanti",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "10.19.0.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "A hardcoded key in Ivanti Workspace Control before version 10.19.0.0 allows a local authenticated attacker to decrypt stored SQL credentials.\u003cbr\u003e"
                }
              ],
              "value": "A hardcoded key in Ivanti Workspace Control before version 10.19.0.0 allows a local authenticated attacker to decrypt stored SQL credentials."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-37",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-37 Retrieve Embedded Sensitive Data"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-321",
                  "description": "CWE-321: Use of Hard-coded Cryptographic Key",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-10T14:38:36.559Z",
            "orgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
            "shortName": "ivanti"
          },
          "references": [
            {
              "url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Workspace-Control-CVE-2025-5353-CVE-CVE-2025-22463-CVE-2025-22455"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
        "assignerShortName": "ivanti",
        "cveId": "CVE-2025-22455",
        "datePublished": "2025-06-10T14:38:36.559Z",
        "dateReserved": "2025-01-07T02:19:22.796Z",
        "dateUpdated": "2026-02-26T17:51:04.844Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-8496 (GCVE-0-2024-8496)

    Vulnerability from nvd – Published: 2024-12-11 16:43 – Updated: 2024-12-14 04:55
    VLAI
    Summary
    Under specific circumstances, insecure permissions in Ivanti Workspace Control before version 10.18.40.0 allows a local authenticated attacker to achieve local privilege escalation.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-276 - Incorrect Default Permissions
    Assigner
    Impacted products
    Vendor Product Version
    Ivanti Workspace Control Unaffected: 10.18.40.0 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-8496",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-12-13T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-12-14T04:55:19.443Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "Workspace Control",
              "vendor": "Ivanti",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "10.18.40.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUnder specific circumstances, insecure permissions in Ivanti Workspace Control before version 10.18.40.0 allows a local authenticated attacker to achieve local privilege escalation.\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e"
                }
              ],
              "value": "Under specific circumstances, insecure permissions in Ivanti Workspace Control before version 10.18.40.0 allows a local authenticated attacker to achieve local privilege escalation."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-233",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-233 Privilege Escalation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-276",
                  "description": "CWE-276 Incorrect Default Permissions",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-12-11T16:43:09.908Z",
            "orgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
            "shortName": "ivanti"
          },
          "references": [
            {
              "url": "https://forums.ivanti.com/s/article/December-2024-Security-Advisory-Ivanti-Workspace-Control-IWC-CVE-2024-8496"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
        "assignerShortName": "ivanti",
        "cveId": "CVE-2024-8496",
        "datePublished": "2024-12-11T16:43:09.908Z",
        "dateReserved": "2024-09-05T18:17:00.813Z",
        "dateUpdated": "2024-12-14T04:55:19.443Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-8012 (GCVE-0-2024-8012)

    Vulnerability from nvd – Published: 2024-09-10 20:37 – Updated: 2025-06-12 16:56
    VLAI
    Summary
    An authentication bypass weakness in the message broker service of Ivanti Workspace Control before version 2025.2 (10.19.0.0) allows a local authenticated attacker to escalate their privileges.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-288 - Authentication Bypass Using an Alternate Path or Channel
    Assigner
    Impacted products
    Vendor Product Version
    Ivanti Workspace Control Unaffected: 10.19.0.0 (custom)
    Create a notification for this product.
    ivanti workspace_control Unaffected: 0 , < 10.18.99.0 (custom)
        cpe:2.3:a:ivanti:workspace_control:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:ivanti:workspace_control:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "workspace_control",
                "vendor": "ivanti",
                "versions": [
                  {
                    "lessThan": "10.18.99.0",
                    "status": "unaffected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-8012",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-11T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-12T03:55:30.163Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "Workspace Control",
              "vendor": "Ivanti",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "10.19.0.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An authentication bypass weakness in the message broker service of Ivanti Workspace Control before version 2025.2 (10.19.0.0) allows a local authenticated attacker to escalate their privileges."
                }
              ],
              "value": "An authentication bypass weakness in the message broker service of Ivanti Workspace Control before version 2025.2 (10.19.0.0) allows a local authenticated attacker to escalate their privileges."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-233",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-233 Privilege Escalation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-288",
                  "description": "CWE-288: Authentication Bypass Using an Alternate Path or Channel",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-12T16:56:49.405Z",
            "orgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
            "shortName": "ivanti"
          },
          "references": [
            {
              "url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Workspace-Control-IWC"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
        "assignerShortName": "ivanti",
        "cveId": "CVE-2024-8012",
        "datePublished": "2024-09-10T20:37:19.762Z",
        "dateReserved": "2024-08-20T14:55:40.772Z",
        "dateUpdated": "2025-06-12T16:56:49.405Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-44107 (GCVE-0-2024-44107)

    Vulnerability from nvd – Published: 2024-09-10 20:47 – Updated: 2025-06-12 17:03
    VLAI
    Summary
    DLL hijacking in the management console of Ivanti Workspace Control before version 2025.2 (10.19.0.0) allows a local authenticated attacker to escalate their privileges and achieve arbitrary code execution.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-427 - Uncontrolled Search Path Element
    Assigner
    Impacted products
    Vendor Product Version
    Ivanti Workspace Control Unaffected: 10.19.0.0 (custom)
    Create a notification for this product.
    ivanti workspace_control Unaffected: 0 , < 10.18.99.0 (custom)
        cpe:2.3:a:ivanti:workspace_control:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:ivanti:workspace_control:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "workspace_control",
                "vendor": "ivanti",
                "versions": [
                  {
                    "lessThan": "10.18.99.0",
                    "status": "unaffected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-44107",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-11T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-12T03:55:33.881Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "Workspace Control",
              "vendor": "Ivanti",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "10.19.0.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDLL hijacking in the management console of Ivanti Workspace Control before version 2025.2 (10.19.0.0) allows a local authenticated attacker to escalate their privileges and achieve arbitrary code execution. \u0026nbsp;\u003c/span\u003e"
                }
              ],
              "value": "DLL hijacking in the management console of Ivanti Workspace Control before version 2025.2 (10.19.0.0) allows a local authenticated attacker to escalate their privileges and achieve arbitrary code execution."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-233",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-233 Privilege Escalation"
                }
              ]
            },
            {
              "capecId": "CAPEC-549",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-549 Local Execution of Code"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-427",
                  "description": "CWE-427 Uncontrolled Search Path Element",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-12T17:03:29.008Z",
            "orgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
            "shortName": "ivanti"
          },
          "references": [
            {
              "url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Workspace-Control-IWC"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
        "assignerShortName": "ivanti",
        "cveId": "CVE-2024-44107",
        "datePublished": "2024-09-10T20:47:26.779Z",
        "dateReserved": "2024-08-20T14:55:35.616Z",
        "dateUpdated": "2025-06-12T17:03:29.008Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-44106 (GCVE-0-2024-44106)

    Vulnerability from nvd – Published: 2024-09-10 20:45 – Updated: 2025-06-12 17:06
    VLAI
    Summary
    Insufficient server-side controls in the management console of Ivanti Workspace Control before version 2025.2 (10.19.0.0) allows a local authenticated attacker to escalate their privileges.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-602 - Client-Side Enforcement of Server-Side Security
    Assigner
    Impacted products
    Vendor Product Version
    Ivanti Workspace Control Unaffected: 10.19.0.0 (custom)
    Create a notification for this product.
    ivanti automation Unaffected: 0 , < 10.18.99.0 (custom)
        cpe:2.3:a:ivanti:automation:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:ivanti:automation:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "automation",
                "vendor": "ivanti",
                "versions": [
                  {
                    "lessThan": "10.18.99.0",
                    "status": "unaffected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-44106",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-11T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-12T03:55:36.341Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "Workspace Control",
              "vendor": "Ivanti",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "10.19.0.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eInsufficient server-side controls in the management console of Ivanti Workspace Control before version 2025.2 (10.19.0.0) allows a local authenticated attacker to escalate their privileges. \u0026nbsp;\u003c/span\u003e"
                }
              ],
              "value": "Insufficient server-side controls in the management console of Ivanti Workspace Control before version 2025.2 (10.19.0.0) allows a local authenticated attacker to escalate their privileges."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-233",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-233 Privilege Escalation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-602",
                  "description": "CWE-602: Client-Side Enforcement of Server-Side Security",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-12T17:06:34.123Z",
            "orgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
            "shortName": "ivanti"
          },
          "references": [
            {
              "url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Workspace-Control-IWC"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
        "assignerShortName": "ivanti",
        "cveId": "CVE-2024-44106",
        "datePublished": "2024-09-10T20:45:28.624Z",
        "dateReserved": "2024-08-20T14:55:35.616Z",
        "dateUpdated": "2025-06-12T17:06:34.123Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-44105 (GCVE-0-2024-44105)

    Vulnerability from nvd – Published: 2024-09-10 20:43 – Updated: 2025-06-12 16:58
    VLAI
    Summary
    Cleartext transmission of sensitive information in the management console of Ivanti Workspace Control before version 2025.2 (10.19.0.0) allows a local authenticated attacker to obtain OS credentials.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-319 - Cleartext Transmission of Sensitive Information
    Assigner
    Impacted products
    Vendor Product Version
    Ivanti Workspace Control Unaffected: 10.19.0.0 (custom)
    Create a notification for this product.
    ivanti automation Unaffected: 0 , < 10.18.99.0 (custom)
        cpe:2.3:a:ivanti:automation:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:ivanti:automation:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "automation",
                "vendor": "ivanti",
                "versions": [
                  {
                    "lessThan": "10.18.99.0",
                    "status": "unaffected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-44105",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-11T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-12T03:55:31.419Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "Workspace Control",
              "vendor": "Ivanti",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "10.19.0.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eCleartext transmission of sensitive information in the management console of Ivanti Workspace Control before version 2025.2 (10.19.0.0)  allows a local authenticated attacker to obtain OS credentials. \u003c/span\u003e"
                }
              ],
              "value": "Cleartext transmission of sensitive information in the management console of Ivanti Workspace Control before version 2025.2 (10.19.0.0)  allows a local authenticated attacker to obtain OS credentials."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-233",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-233 Privilege Escalation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 8.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-319",
                  "description": "CWE-319 Cleartext Transmission of Sensitive Information",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-12T16:58:30.314Z",
            "orgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
            "shortName": "ivanti"
          },
          "references": [
            {
              "url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Workspace-Control-IWC"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
        "assignerShortName": "ivanti",
        "cveId": "CVE-2024-44105",
        "datePublished": "2024-09-10T20:43:26.618Z",
        "dateReserved": "2024-08-20T14:55:35.616Z",
        "dateUpdated": "2025-06-12T16:58:30.314Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-44104 (GCVE-0-2024-44104)

    Vulnerability from nvd – Published: 2024-09-10 20:41 – Updated: 2025-06-12 17:01
    VLAI
    Summary
    An incorrectly implemented authentication scheme that is subjected to a spoofing attack in the management console of Ivanti Workspace Control before version 2025.2 (10.19.0.0) allows a local authenticated attacker to escalate their privileges.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-290 - Authentication Bypass by Spoofing
    Assigner
    Impacted products
    Vendor Product Version
    Ivanti Workspace Control Unaffected: 10.19.0.0 (custom)
    Create a notification for this product.
    ivanti automation Unaffected: 0 , < 10.18.99.0 (custom)
        cpe:2.3:a:ivanti:automation:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:ivanti:automation:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "automation",
                "vendor": "ivanti",
                "versions": [
                  {
                    "lessThan": "10.18.99.0",
                    "status": "unaffected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-44104",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-11T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-12T03:55:32.642Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "Workspace Control",
              "vendor": "Ivanti",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "10.19.0.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAn incorrectly implemented authentication scheme that is subjected to a spoofing attack in the management console of Ivanti Workspace Control before version 2025.2 (10.19.0.0)  allows a local authenticated attacker to escalate their privileges. \u0026nbsp;\u003c/span\u003e"
                }
              ],
              "value": "An incorrectly implemented authentication scheme that is subjected to a spoofing attack in the management console of Ivanti Workspace Control before version 2025.2 (10.19.0.0)  allows a local authenticated attacker to escalate their privileges."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-233",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-233 Privilege Escalation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-290",
                  "description": "CWE-290 Authentication Bypass by Spoofing",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-12T17:01:17.730Z",
            "orgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
            "shortName": "ivanti"
          },
          "references": [
            {
              "url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Workspace-Control-IWC"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
        "assignerShortName": "ivanti",
        "cveId": "CVE-2024-44104",
        "datePublished": "2024-09-10T20:41:33.032Z",
        "dateReserved": "2024-08-20T14:55:35.616Z",
        "dateUpdated": "2025-06-12T17:01:17.730Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-44103 (GCVE-0-2024-44103)

    Vulnerability from nvd – Published: 2024-09-10 20:39 – Updated: 2025-06-12 17:04
    VLAI
    Summary
    DLL hijacking in the management console of Ivanti Workspace Control before version 2025.2 (10.19.0.0) allows a local authenticated attacker to escalate their privileges.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Ivanti Workspace Control Unaffected: 10.19.0.0 (custom)
    Create a notification for this product.
    ivanti automation Unaffected: 0 , < 10.18.99.0 (custom)
        cpe:2.3:a:ivanti:automation:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:ivanti:automation:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "automation",
                "vendor": "ivanti",
                "versions": [
                  {
                    "lessThan": "10.18.99.0",
                    "status": "unaffected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-44103",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-11T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-12T03:55:35.127Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "Workspace Control",
              "vendor": "Ivanti",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "10.19.0.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDLL hijacking in the management console of Ivanti Workspace Control before version 2025.2 (10.19.0.0) allows a local authenticated attacker to escalate their privileges. \u0026nbsp;\u003c/span\u003e"
                }
              ],
              "value": "DLL hijacking in the management console of Ivanti Workspace Control before version 2025.2 (10.19.0.0) allows a local authenticated attacker to escalate their privileges."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-233",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-233 Privilege Escalation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-426",
                  "description": "CWE-426 Untrusted Search Path",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-12T17:04:53.415Z",
            "orgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
            "shortName": "ivanti"
          },
          "references": [
            {
              "url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Workspace-Control-IWC"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
        "assignerShortName": "ivanti",
        "cveId": "CVE-2024-44103",
        "datePublished": "2024-09-10T20:39:40.204Z",
        "dateReserved": "2024-08-20T14:55:35.616Z",
        "dateUpdated": "2025-06-12T17:04:53.415Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-21823 (GCVE-0-2022-21823)

    Vulnerability from nvd – Published: 2022-01-07 22:39 – Updated: 2024-08-03 02:53
    VLAI
    Summary
    A insecure storage of sensitive information vulnerability exists in Ivanti Workspace Control <2021.2 (10.7.30.0) that could allow an attacker with locally authenticated low privileges to obtain key information due to an unspecified attack vector.
    Severity
    No CVSS data available.
    CWE
    • CWE-922 - Insecure Storage of Sensitive Information (CWE-922)
    Assigner
    References
    Impacted products
    Vendor Product Version
    n/a Ivanti Workspace Control Affected: 2021.2 (10.7.30.0)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T02:53:36.259Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://forums.ivanti.com/s/article/A-locally-authenticated-user-with-low-privileges-can-obtain-key-information-due-to-an-unspecified-attack-vector?language=en_US"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Ivanti Workspace Control",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "2021.2 (10.7.30.0)"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A insecure storage of sensitive information vulnerability exists in Ivanti Workspace Control \u003c2021.2 (10.7.30.0) that could allow an attacker with locally authenticated low privileges to obtain key information due to an unspecified attack vector."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-922",
                  "description": "Insecure Storage of Sensitive Information (CWE-922)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-01-07T22:39:51.000Z",
            "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
            "shortName": "hackerone"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://forums.ivanti.com/s/article/A-locally-authenticated-user-with-low-privileges-can-obtain-key-information-due-to-an-unspecified-attack-vector?language=en_US"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "support@hackerone.com",
              "ID": "CVE-2022-21823",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Ivanti Workspace Control",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "2021.2 (10.7.30.0)"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A insecure storage of sensitive information vulnerability exists in Ivanti Workspace Control \u003c2021.2 (10.7.30.0) that could allow an attacker with locally authenticated low privileges to obtain key information due to an unspecified attack vector."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Insecure Storage of Sensitive Information (CWE-922)"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://forums.ivanti.com/s/article/A-locally-authenticated-user-with-low-privileges-can-obtain-key-information-due-to-an-unspecified-attack-vector?language=en_US",
                  "refsource": "MISC",
                  "url": "https://forums.ivanti.com/s/article/A-locally-authenticated-user-with-low-privileges-can-obtain-key-information-due-to-an-unspecified-attack-vector?language=en_US"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
        "assignerShortName": "hackerone",
        "cveId": "CVE-2022-21823",
        "datePublished": "2022-01-07T22:39:51.000Z",
        "dateReserved": "2021-12-10T00:00:00.000Z",
        "dateUpdated": "2024-08-03T02:53:36.259Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-19138 (GCVE-0-2019-19138)

    Vulnerability from nvd – Published: 2021-12-15 07:07 – Updated: 2024-08-05 02:09
    VLAI
    Summary
    Ivanti Workspace Control before 10.4.50.0 allows attackers to degrade integrity.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T02:09:39.258Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://forums.ivanti.com/s/article/Security-Alert-Ivanti-RES-Workspace-Manager-November-2019"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://forums.ivanti.com/s/article/Enhanced-Security-Update-IWC-components"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Ivanti Workspace Control before 10.4.50.0 allows attackers to degrade integrity."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-12-15T07:07:47.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://forums.ivanti.com/s/article/Security-Alert-Ivanti-RES-Workspace-Manager-November-2019"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://forums.ivanti.com/s/article/Enhanced-Security-Update-IWC-components"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2019-19138",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Ivanti Workspace Control before 10.4.50.0 allows attackers to degrade integrity."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://forums.ivanti.com/s/article/Security-Alert-Ivanti-RES-Workspace-Manager-November-2019",
                  "refsource": "MISC",
                  "url": "https://forums.ivanti.com/s/article/Security-Alert-Ivanti-RES-Workspace-Manager-November-2019"
                },
                {
                  "name": "https://forums.ivanti.com/s/article/Enhanced-Security-Update-IWC-components",
                  "refsource": "MISC",
                  "url": "https://forums.ivanti.com/s/article/Enhanced-Security-Update-IWC-components"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2019-19138",
        "datePublished": "2021-12-15T07:07:47.000Z",
        "dateReserved": "2019-11-20T00:00:00.000Z",
        "dateUpdated": "2024-08-05T02:09:39.258Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-36235 (GCVE-0-2021-36235)

    Vulnerability from nvd – Published: 2021-09-01 00:19 – Updated: 2024-08-04 00:54
    VLAI
    Summary
    An issue was discovered in Ivanti Workspace Control before 10.6.30.0. A locally authenticated user with low privileges can bypass File and Folder Security by leveraging an unspecified attack vector. As a result, the attacker can start applications with elevated privileges.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T00:54:50.836Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://forums.ivanti.com/s/article/A-locally-authenticated-user-with-low-privileges-can-bypass-the-File-and-Folder-Security-by-leveraging-an-unspecified-attack-vector"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An issue was discovered in Ivanti Workspace Control before 10.6.30.0. A locally authenticated user with low privileges can bypass File and Folder Security by leveraging an unspecified attack vector. As a result, the attacker can start applications with elevated privileges."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-09-01T00:19:28.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://forums.ivanti.com/s/article/A-locally-authenticated-user-with-low-privileges-can-bypass-the-File-and-Folder-Security-by-leveraging-an-unspecified-attack-vector"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2021-36235",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "An issue was discovered in Ivanti Workspace Control before 10.6.30.0. A locally authenticated user with low privileges can bypass File and Folder Security by leveraging an unspecified attack vector. As a result, the attacker can start applications with elevated privileges."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://forums.ivanti.com/s/article/A-locally-authenticated-user-with-low-privileges-can-bypass-the-File-and-Folder-Security-by-leveraging-an-unspecified-attack-vector",
                  "refsource": "MISC",
                  "url": "https://forums.ivanti.com/s/article/A-locally-authenticated-user-with-low-privileges-can-bypass-the-File-and-Folder-Security-by-leveraging-an-unspecified-attack-vector"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2021-36235",
        "datePublished": "2021-09-01T00:19:28.000Z",
        "dateReserved": "2021-07-08T00:00:00.000Z",
        "dateUpdated": "2024-08-04T00:54:50.836Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-17066 (GCVE-0-2019-17066)

    Vulnerability from nvd – Published: 2020-05-18 21:53 – Updated: 2024-08-05 01:33
    VLAI
    Summary
    In Ivanti WorkSpace Control before 10.4.40.0, a user can elevate rights on the system by hijacking certain user registries. This is possible because pwrgrid.exe first checks the Current User registry hives (HKCU) when starting an application with elevated rights.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2020-05-18 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T01:33:17.067Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://forums.ivanti.com/s/article/A-locally-authenticated-user-with-low-privileges-can-acquire-admin-privileges-by-hijacking-certain-user-registry-entries"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2020-05-18T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "In Ivanti WorkSpace Control before 10.4.40.0, a user can elevate rights on the system by hijacking certain user registries. This is possible because pwrgrid.exe first checks the Current User registry hives (HKCU) when starting an application with elevated rights."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-05-18T21:53:20.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://forums.ivanti.com/s/article/A-locally-authenticated-user-with-low-privileges-can-acquire-admin-privileges-by-hijacking-certain-user-registry-entries"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2019-17066",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "In Ivanti WorkSpace Control before 10.4.40.0, a user can elevate rights on the system by hijacking certain user registries. This is possible because pwrgrid.exe first checks the Current User registry hives (HKCU) when starting an application with elevated rights."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://forums.ivanti.com/s/article/A-locally-authenticated-user-with-low-privileges-can-acquire-admin-privileges-by-hijacking-certain-user-registry-entries",
                  "refsource": "CONFIRM",
                  "url": "https://forums.ivanti.com/s/article/A-locally-authenticated-user-with-low-privileges-can-acquire-admin-privileges-by-hijacking-certain-user-registry-entries"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2019-17066",
        "datePublished": "2020-05-18T21:53:20.000Z",
        "dateReserved": "2019-10-01T00:00:00.000Z",
        "dateUpdated": "2024-08-05T01:33:17.067Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-11533 (GCVE-0-2020-11533)

    Vulnerability from nvd – Published: 2020-04-04 19:02 – Updated: 2024-08-04 11:35
    VLAI
    Summary
    Ivanti Workspace Control before 10.4.30.0, when SCCM integration is enabled, allows local users to obtain sensitive information (keying material).
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T11:35:13.208Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://forums.ivanti.com/s/article/A-locally-authenticated-user-with-low-privileges-can-recover-keying-material-due-to-an-unspecified-attack-vector"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Ivanti Workspace Control before 10.4.30.0, when SCCM integration is enabled, allows local users to obtain sensitive information (keying material)."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-04-04T19:02:47.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://forums.ivanti.com/s/article/A-locally-authenticated-user-with-low-privileges-can-recover-keying-material-due-to-an-unspecified-attack-vector"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2020-11533",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Ivanti Workspace Control before 10.4.30.0, when SCCM integration is enabled, allows local users to obtain sensitive information (keying material)."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://forums.ivanti.com/s/article/A-locally-authenticated-user-with-low-privileges-can-recover-keying-material-due-to-an-unspecified-attack-vector",
                  "refsource": "MISC",
                  "url": "https://forums.ivanti.com/s/article/A-locally-authenticated-user-with-low-privileges-can-recover-keying-material-due-to-an-unspecified-attack-vector"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2020-11533",
        "datePublished": "2020-04-04T19:02:47.000Z",
        "dateReserved": "2020-04-04T00:00:00.000Z",
        "dateUpdated": "2024-08-04T11:35:13.208Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-5353 (GCVE-0-2025-5353)

    Vulnerability from cvelistv5 – Published: 2025-06-10 14:39 – Updated: 2026-02-26 17:51
    VLAI
    Summary
    A hardcoded key in Ivanti Workspace Control before version 10.19.10.0 allows a local authenticated attacker to decrypt stored SQL credentials.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-321 - Use of Hard-coded Cryptographic Key
    Assigner
    Impacted products
    Vendor Product Version
    Ivanti Workspace Control Unaffected: 10.19.10.0 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-5353",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-06-11T04:01:31.356009Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T17:51:03.827Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "Workspace Control",
              "vendor": "Ivanti",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "10.19.10.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "A hardcoded key in Ivanti Workspace Control before version 10.19.10.0 allows a local authenticated attacker to decrypt stored SQL credentials\u003cb\u003e.\u003c/b\u003e"
                }
              ],
              "value": "A hardcoded key in Ivanti Workspace Control before version 10.19.10.0 allows a local authenticated attacker to decrypt stored SQL credentials."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-37",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-37 Retrieve Embedded Sensitive Data"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-321",
                  "description": "CWE-321: Use of Hard-coded Cryptographic Key",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-10T14:39:34.206Z",
            "orgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
            "shortName": "ivanti"
          },
          "references": [
            {
              "url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Workspace-Control-CVE-2025-5353-CVE-CVE-2025-22463-CVE-2025-22455"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
        "assignerShortName": "ivanti",
        "cveId": "CVE-2025-5353",
        "datePublished": "2025-06-10T14:39:34.206Z",
        "dateReserved": "2025-05-30T08:39:00.490Z",
        "dateUpdated": "2026-02-26T17:51:03.827Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-22463 (GCVE-0-2025-22463)

    Vulnerability from cvelistv5 – Published: 2025-06-10 14:39 – Updated: 2026-02-26 17:51
    VLAI
    Summary
    A hardcoded key in Ivanti Workspace Control before version 10.19.10.0 allows a local authenticated attacker to decrypt the stored environment password.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-321 - Use of Hard-coded Cryptographic Key
    Assigner
    Impacted products
    Vendor Product Version
    Ivanti Workspace Control Unaffected: 10.19.10.0 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-22463",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-06-11T04:01:32.425429Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T17:51:04.123Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "Workspace Control",
              "vendor": "Ivanti",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "10.19.10.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA hardcoded key in Ivanti Workspace Control before version 10.19.10.0 allows a local authenticated attacker to decrypt the stored environment password.\u003c/span\u003e"
                }
              ],
              "value": "A hardcoded key in Ivanti Workspace Control before version 10.19.10.0 allows a local authenticated attacker to decrypt the stored environment password."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-37",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-37 Retrieve Embedded Sensitive Data"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-321",
                  "description": "CWE-321: Use of Hard-coded Cryptographic Key",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-10T14:39:06.714Z",
            "orgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
            "shortName": "ivanti"
          },
          "references": [
            {
              "url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Workspace-Control-CVE-2025-5353-CVE-CVE-2025-22463-CVE-2025-22455"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
        "assignerShortName": "ivanti",
        "cveId": "CVE-2025-22463",
        "datePublished": "2025-06-10T14:39:06.714Z",
        "dateReserved": "2025-01-07T02:19:22.797Z",
        "dateUpdated": "2026-02-26T17:51:04.123Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-22455 (GCVE-0-2025-22455)

    Vulnerability from cvelistv5 – Published: 2025-06-10 14:38 – Updated: 2026-02-26 17:51
    VLAI
    Summary
    A hardcoded key in Ivanti Workspace Control before version 10.19.0.0 allows a local authenticated attacker to decrypt stored SQL credentials.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-321 - Use of Hard-coded Cryptographic Key
    Assigner
    Impacted products
    Vendor Product Version
    Ivanti Workspace Control Unaffected: 10.19.0.0 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-22455",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-06-11T04:01:33.471922Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T17:51:04.844Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "Workspace Control",
              "vendor": "Ivanti",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "10.19.0.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "A hardcoded key in Ivanti Workspace Control before version 10.19.0.0 allows a local authenticated attacker to decrypt stored SQL credentials.\u003cbr\u003e"
                }
              ],
              "value": "A hardcoded key in Ivanti Workspace Control before version 10.19.0.0 allows a local authenticated attacker to decrypt stored SQL credentials."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-37",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-37 Retrieve Embedded Sensitive Data"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-321",
                  "description": "CWE-321: Use of Hard-coded Cryptographic Key",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-10T14:38:36.559Z",
            "orgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
            "shortName": "ivanti"
          },
          "references": [
            {
              "url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Workspace-Control-CVE-2025-5353-CVE-CVE-2025-22463-CVE-2025-22455"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
        "assignerShortName": "ivanti",
        "cveId": "CVE-2025-22455",
        "datePublished": "2025-06-10T14:38:36.559Z",
        "dateReserved": "2025-01-07T02:19:22.796Z",
        "dateUpdated": "2026-02-26T17:51:04.844Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-8496 (GCVE-0-2024-8496)

    Vulnerability from cvelistv5 – Published: 2024-12-11 16:43 – Updated: 2024-12-14 04:55
    VLAI
    Summary
    Under specific circumstances, insecure permissions in Ivanti Workspace Control before version 10.18.40.0 allows a local authenticated attacker to achieve local privilege escalation.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-276 - Incorrect Default Permissions
    Assigner
    Impacted products
    Vendor Product Version
    Ivanti Workspace Control Unaffected: 10.18.40.0 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-8496",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-12-13T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-12-14T04:55:19.443Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "Workspace Control",
              "vendor": "Ivanti",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "10.18.40.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUnder specific circumstances, insecure permissions in Ivanti Workspace Control before version 10.18.40.0 allows a local authenticated attacker to achieve local privilege escalation.\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e"
                }
              ],
              "value": "Under specific circumstances, insecure permissions in Ivanti Workspace Control before version 10.18.40.0 allows a local authenticated attacker to achieve local privilege escalation."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-233",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-233 Privilege Escalation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-276",
                  "description": "CWE-276 Incorrect Default Permissions",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-12-11T16:43:09.908Z",
            "orgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
            "shortName": "ivanti"
          },
          "references": [
            {
              "url": "https://forums.ivanti.com/s/article/December-2024-Security-Advisory-Ivanti-Workspace-Control-IWC-CVE-2024-8496"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
        "assignerShortName": "ivanti",
        "cveId": "CVE-2024-8496",
        "datePublished": "2024-12-11T16:43:09.908Z",
        "dateReserved": "2024-09-05T18:17:00.813Z",
        "dateUpdated": "2024-12-14T04:55:19.443Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-44107 (GCVE-0-2024-44107)

    Vulnerability from cvelistv5 – Published: 2024-09-10 20:47 – Updated: 2025-06-12 17:03
    VLAI
    Summary
    DLL hijacking in the management console of Ivanti Workspace Control before version 2025.2 (10.19.0.0) allows a local authenticated attacker to escalate their privileges and achieve arbitrary code execution.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-427 - Uncontrolled Search Path Element
    Assigner
    Impacted products
    Vendor Product Version
    Ivanti Workspace Control Unaffected: 10.19.0.0 (custom)
    Create a notification for this product.
    ivanti workspace_control Unaffected: 0 , < 10.18.99.0 (custom)
        cpe:2.3:a:ivanti:workspace_control:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:ivanti:workspace_control:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "workspace_control",
                "vendor": "ivanti",
                "versions": [
                  {
                    "lessThan": "10.18.99.0",
                    "status": "unaffected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-44107",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-11T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-12T03:55:33.881Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "Workspace Control",
              "vendor": "Ivanti",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "10.19.0.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDLL hijacking in the management console of Ivanti Workspace Control before version 2025.2 (10.19.0.0) allows a local authenticated attacker to escalate their privileges and achieve arbitrary code execution. \u0026nbsp;\u003c/span\u003e"
                }
              ],
              "value": "DLL hijacking in the management console of Ivanti Workspace Control before version 2025.2 (10.19.0.0) allows a local authenticated attacker to escalate their privileges and achieve arbitrary code execution."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-233",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-233 Privilege Escalation"
                }
              ]
            },
            {
              "capecId": "CAPEC-549",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-549 Local Execution of Code"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-427",
                  "description": "CWE-427 Uncontrolled Search Path Element",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-12T17:03:29.008Z",
            "orgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
            "shortName": "ivanti"
          },
          "references": [
            {
              "url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Workspace-Control-IWC"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
        "assignerShortName": "ivanti",
        "cveId": "CVE-2024-44107",
        "datePublished": "2024-09-10T20:47:26.779Z",
        "dateReserved": "2024-08-20T14:55:35.616Z",
        "dateUpdated": "2025-06-12T17:03:29.008Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-44106 (GCVE-0-2024-44106)

    Vulnerability from cvelistv5 – Published: 2024-09-10 20:45 – Updated: 2025-06-12 17:06
    VLAI
    Summary
    Insufficient server-side controls in the management console of Ivanti Workspace Control before version 2025.2 (10.19.0.0) allows a local authenticated attacker to escalate their privileges.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-602 - Client-Side Enforcement of Server-Side Security
    Assigner
    Impacted products
    Vendor Product Version
    Ivanti Workspace Control Unaffected: 10.19.0.0 (custom)
    Create a notification for this product.
    ivanti automation Unaffected: 0 , < 10.18.99.0 (custom)
        cpe:2.3:a:ivanti:automation:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:ivanti:automation:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "automation",
                "vendor": "ivanti",
                "versions": [
                  {
                    "lessThan": "10.18.99.0",
                    "status": "unaffected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-44106",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-11T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-12T03:55:36.341Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "Workspace Control",
              "vendor": "Ivanti",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "10.19.0.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eInsufficient server-side controls in the management console of Ivanti Workspace Control before version 2025.2 (10.19.0.0) allows a local authenticated attacker to escalate their privileges. \u0026nbsp;\u003c/span\u003e"
                }
              ],
              "value": "Insufficient server-side controls in the management console of Ivanti Workspace Control before version 2025.2 (10.19.0.0) allows a local authenticated attacker to escalate their privileges."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-233",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-233 Privilege Escalation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-602",
                  "description": "CWE-602: Client-Side Enforcement of Server-Side Security",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-12T17:06:34.123Z",
            "orgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
            "shortName": "ivanti"
          },
          "references": [
            {
              "url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Workspace-Control-IWC"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
        "assignerShortName": "ivanti",
        "cveId": "CVE-2024-44106",
        "datePublished": "2024-09-10T20:45:28.624Z",
        "dateReserved": "2024-08-20T14:55:35.616Z",
        "dateUpdated": "2025-06-12T17:06:34.123Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-44105 (GCVE-0-2024-44105)

    Vulnerability from cvelistv5 – Published: 2024-09-10 20:43 – Updated: 2025-06-12 16:58
    VLAI
    Summary
    Cleartext transmission of sensitive information in the management console of Ivanti Workspace Control before version 2025.2 (10.19.0.0) allows a local authenticated attacker to obtain OS credentials.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-319 - Cleartext Transmission of Sensitive Information
    Assigner
    Impacted products
    Vendor Product Version
    Ivanti Workspace Control Unaffected: 10.19.0.0 (custom)
    Create a notification for this product.
    ivanti automation Unaffected: 0 , < 10.18.99.0 (custom)
        cpe:2.3:a:ivanti:automation:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:ivanti:automation:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "automation",
                "vendor": "ivanti",
                "versions": [
                  {
                    "lessThan": "10.18.99.0",
                    "status": "unaffected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-44105",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-11T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-12T03:55:31.419Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "Workspace Control",
              "vendor": "Ivanti",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "10.19.0.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eCleartext transmission of sensitive information in the management console of Ivanti Workspace Control before version 2025.2 (10.19.0.0)  allows a local authenticated attacker to obtain OS credentials. \u003c/span\u003e"
                }
              ],
              "value": "Cleartext transmission of sensitive information in the management console of Ivanti Workspace Control before version 2025.2 (10.19.0.0)  allows a local authenticated attacker to obtain OS credentials."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-233",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-233 Privilege Escalation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 8.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-319",
                  "description": "CWE-319 Cleartext Transmission of Sensitive Information",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-12T16:58:30.314Z",
            "orgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
            "shortName": "ivanti"
          },
          "references": [
            {
              "url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Workspace-Control-IWC"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
        "assignerShortName": "ivanti",
        "cveId": "CVE-2024-44105",
        "datePublished": "2024-09-10T20:43:26.618Z",
        "dateReserved": "2024-08-20T14:55:35.616Z",
        "dateUpdated": "2025-06-12T16:58:30.314Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-44104 (GCVE-0-2024-44104)

    Vulnerability from cvelistv5 – Published: 2024-09-10 20:41 – Updated: 2025-06-12 17:01
    VLAI
    Summary
    An incorrectly implemented authentication scheme that is subjected to a spoofing attack in the management console of Ivanti Workspace Control before version 2025.2 (10.19.0.0) allows a local authenticated attacker to escalate their privileges.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-290 - Authentication Bypass by Spoofing
    Assigner
    Impacted products
    Vendor Product Version
    Ivanti Workspace Control Unaffected: 10.19.0.0 (custom)
    Create a notification for this product.
    ivanti automation Unaffected: 0 , < 10.18.99.0 (custom)
        cpe:2.3:a:ivanti:automation:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:ivanti:automation:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "automation",
                "vendor": "ivanti",
                "versions": [
                  {
                    "lessThan": "10.18.99.0",
                    "status": "unaffected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-44104",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-11T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-12T03:55:32.642Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "Workspace Control",
              "vendor": "Ivanti",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "10.19.0.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAn incorrectly implemented authentication scheme that is subjected to a spoofing attack in the management console of Ivanti Workspace Control before version 2025.2 (10.19.0.0)  allows a local authenticated attacker to escalate their privileges. \u0026nbsp;\u003c/span\u003e"
                }
              ],
              "value": "An incorrectly implemented authentication scheme that is subjected to a spoofing attack in the management console of Ivanti Workspace Control before version 2025.2 (10.19.0.0)  allows a local authenticated attacker to escalate their privileges."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-233",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-233 Privilege Escalation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-290",
                  "description": "CWE-290 Authentication Bypass by Spoofing",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-12T17:01:17.730Z",
            "orgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
            "shortName": "ivanti"
          },
          "references": [
            {
              "url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Workspace-Control-IWC"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
        "assignerShortName": "ivanti",
        "cveId": "CVE-2024-44104",
        "datePublished": "2024-09-10T20:41:33.032Z",
        "dateReserved": "2024-08-20T14:55:35.616Z",
        "dateUpdated": "2025-06-12T17:01:17.730Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-44103 (GCVE-0-2024-44103)

    Vulnerability from cvelistv5 – Published: 2024-09-10 20:39 – Updated: 2025-06-12 17:04
    VLAI
    Summary
    DLL hijacking in the management console of Ivanti Workspace Control before version 2025.2 (10.19.0.0) allows a local authenticated attacker to escalate their privileges.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Ivanti Workspace Control Unaffected: 10.19.0.0 (custom)
    Create a notification for this product.
    ivanti automation Unaffected: 0 , < 10.18.99.0 (custom)
        cpe:2.3:a:ivanti:automation:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:ivanti:automation:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "automation",
                "vendor": "ivanti",
                "versions": [
                  {
                    "lessThan": "10.18.99.0",
                    "status": "unaffected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-44103",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-11T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-12T03:55:35.127Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "Workspace Control",
              "vendor": "Ivanti",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "10.19.0.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDLL hijacking in the management console of Ivanti Workspace Control before version 2025.2 (10.19.0.0) allows a local authenticated attacker to escalate their privileges. \u0026nbsp;\u003c/span\u003e"
                }
              ],
              "value": "DLL hijacking in the management console of Ivanti Workspace Control before version 2025.2 (10.19.0.0) allows a local authenticated attacker to escalate their privileges."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-233",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-233 Privilege Escalation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-426",
                  "description": "CWE-426 Untrusted Search Path",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-12T17:04:53.415Z",
            "orgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
            "shortName": "ivanti"
          },
          "references": [
            {
              "url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Workspace-Control-IWC"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
        "assignerShortName": "ivanti",
        "cveId": "CVE-2024-44103",
        "datePublished": "2024-09-10T20:39:40.204Z",
        "dateReserved": "2024-08-20T14:55:35.616Z",
        "dateUpdated": "2025-06-12T17:04:53.415Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-8012 (GCVE-0-2024-8012)

    Vulnerability from cvelistv5 – Published: 2024-09-10 20:37 – Updated: 2025-06-12 16:56
    VLAI
    Summary
    An authentication bypass weakness in the message broker service of Ivanti Workspace Control before version 2025.2 (10.19.0.0) allows a local authenticated attacker to escalate their privileges.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-288 - Authentication Bypass Using an Alternate Path or Channel
    Assigner
    Impacted products
    Vendor Product Version
    Ivanti Workspace Control Unaffected: 10.19.0.0 (custom)
    Create a notification for this product.
    ivanti workspace_control Unaffected: 0 , < 10.18.99.0 (custom)
        cpe:2.3:a:ivanti:workspace_control:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:ivanti:workspace_control:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "workspace_control",
                "vendor": "ivanti",
                "versions": [
                  {
                    "lessThan": "10.18.99.0",
                    "status": "unaffected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-8012",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-11T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-12T03:55:30.163Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "Workspace Control",
              "vendor": "Ivanti",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "10.19.0.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An authentication bypass weakness in the message broker service of Ivanti Workspace Control before version 2025.2 (10.19.0.0) allows a local authenticated attacker to escalate their privileges."
                }
              ],
              "value": "An authentication bypass weakness in the message broker service of Ivanti Workspace Control before version 2025.2 (10.19.0.0) allows a local authenticated attacker to escalate their privileges."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-233",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-233 Privilege Escalation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-288",
                  "description": "CWE-288: Authentication Bypass Using an Alternate Path or Channel",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-12T16:56:49.405Z",
            "orgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
            "shortName": "ivanti"
          },
          "references": [
            {
              "url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Workspace-Control-IWC"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
        "assignerShortName": "ivanti",
        "cveId": "CVE-2024-8012",
        "datePublished": "2024-09-10T20:37:19.762Z",
        "dateReserved": "2024-08-20T14:55:40.772Z",
        "dateUpdated": "2025-06-12T16:56:49.405Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-21823 (GCVE-0-2022-21823)

    Vulnerability from cvelistv5 – Published: 2022-01-07 22:39 – Updated: 2024-08-03 02:53
    VLAI
    Summary
    A insecure storage of sensitive information vulnerability exists in Ivanti Workspace Control <2021.2 (10.7.30.0) that could allow an attacker with locally authenticated low privileges to obtain key information due to an unspecified attack vector.
    Severity
    No CVSS data available.
    CWE
    • CWE-922 - Insecure Storage of Sensitive Information (CWE-922)
    Assigner
    References
    Impacted products
    Vendor Product Version
    n/a Ivanti Workspace Control Affected: 2021.2 (10.7.30.0)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T02:53:36.259Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://forums.ivanti.com/s/article/A-locally-authenticated-user-with-low-privileges-can-obtain-key-information-due-to-an-unspecified-attack-vector?language=en_US"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Ivanti Workspace Control",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "2021.2 (10.7.30.0)"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A insecure storage of sensitive information vulnerability exists in Ivanti Workspace Control \u003c2021.2 (10.7.30.0) that could allow an attacker with locally authenticated low privileges to obtain key information due to an unspecified attack vector."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-922",
                  "description": "Insecure Storage of Sensitive Information (CWE-922)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-01-07T22:39:51.000Z",
            "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
            "shortName": "hackerone"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://forums.ivanti.com/s/article/A-locally-authenticated-user-with-low-privileges-can-obtain-key-information-due-to-an-unspecified-attack-vector?language=en_US"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "support@hackerone.com",
              "ID": "CVE-2022-21823",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Ivanti Workspace Control",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "2021.2 (10.7.30.0)"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A insecure storage of sensitive information vulnerability exists in Ivanti Workspace Control \u003c2021.2 (10.7.30.0) that could allow an attacker with locally authenticated low privileges to obtain key information due to an unspecified attack vector."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Insecure Storage of Sensitive Information (CWE-922)"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://forums.ivanti.com/s/article/A-locally-authenticated-user-with-low-privileges-can-obtain-key-information-due-to-an-unspecified-attack-vector?language=en_US",
                  "refsource": "MISC",
                  "url": "https://forums.ivanti.com/s/article/A-locally-authenticated-user-with-low-privileges-can-obtain-key-information-due-to-an-unspecified-attack-vector?language=en_US"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
        "assignerShortName": "hackerone",
        "cveId": "CVE-2022-21823",
        "datePublished": "2022-01-07T22:39:51.000Z",
        "dateReserved": "2021-12-10T00:00:00.000Z",
        "dateUpdated": "2024-08-03T02:53:36.259Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-19138 (GCVE-0-2019-19138)

    Vulnerability from cvelistv5 – Published: 2021-12-15 07:07 – Updated: 2024-08-05 02:09
    VLAI
    Summary
    Ivanti Workspace Control before 10.4.50.0 allows attackers to degrade integrity.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T02:09:39.258Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://forums.ivanti.com/s/article/Security-Alert-Ivanti-RES-Workspace-Manager-November-2019"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://forums.ivanti.com/s/article/Enhanced-Security-Update-IWC-components"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Ivanti Workspace Control before 10.4.50.0 allows attackers to degrade integrity."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-12-15T07:07:47.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://forums.ivanti.com/s/article/Security-Alert-Ivanti-RES-Workspace-Manager-November-2019"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://forums.ivanti.com/s/article/Enhanced-Security-Update-IWC-components"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2019-19138",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Ivanti Workspace Control before 10.4.50.0 allows attackers to degrade integrity."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://forums.ivanti.com/s/article/Security-Alert-Ivanti-RES-Workspace-Manager-November-2019",
                  "refsource": "MISC",
                  "url": "https://forums.ivanti.com/s/article/Security-Alert-Ivanti-RES-Workspace-Manager-November-2019"
                },
                {
                  "name": "https://forums.ivanti.com/s/article/Enhanced-Security-Update-IWC-components",
                  "refsource": "MISC",
                  "url": "https://forums.ivanti.com/s/article/Enhanced-Security-Update-IWC-components"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2019-19138",
        "datePublished": "2021-12-15T07:07:47.000Z",
        "dateReserved": "2019-11-20T00:00:00.000Z",
        "dateUpdated": "2024-08-05T02:09:39.258Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-36235 (GCVE-0-2021-36235)

    Vulnerability from cvelistv5 – Published: 2021-09-01 00:19 – Updated: 2024-08-04 00:54
    VLAI
    Summary
    An issue was discovered in Ivanti Workspace Control before 10.6.30.0. A locally authenticated user with low privileges can bypass File and Folder Security by leveraging an unspecified attack vector. As a result, the attacker can start applications with elevated privileges.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T00:54:50.836Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://forums.ivanti.com/s/article/A-locally-authenticated-user-with-low-privileges-can-bypass-the-File-and-Folder-Security-by-leveraging-an-unspecified-attack-vector"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An issue was discovered in Ivanti Workspace Control before 10.6.30.0. A locally authenticated user with low privileges can bypass File and Folder Security by leveraging an unspecified attack vector. As a result, the attacker can start applications with elevated privileges."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-09-01T00:19:28.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://forums.ivanti.com/s/article/A-locally-authenticated-user-with-low-privileges-can-bypass-the-File-and-Folder-Security-by-leveraging-an-unspecified-attack-vector"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2021-36235",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "An issue was discovered in Ivanti Workspace Control before 10.6.30.0. A locally authenticated user with low privileges can bypass File and Folder Security by leveraging an unspecified attack vector. As a result, the attacker can start applications with elevated privileges."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://forums.ivanti.com/s/article/A-locally-authenticated-user-with-low-privileges-can-bypass-the-File-and-Folder-Security-by-leveraging-an-unspecified-attack-vector",
                  "refsource": "MISC",
                  "url": "https://forums.ivanti.com/s/article/A-locally-authenticated-user-with-low-privileges-can-bypass-the-File-and-Folder-Security-by-leveraging-an-unspecified-attack-vector"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2021-36235",
        "datePublished": "2021-09-01T00:19:28.000Z",
        "dateReserved": "2021-07-08T00:00:00.000Z",
        "dateUpdated": "2024-08-04T00:54:50.836Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-17066 (GCVE-0-2019-17066)

    Vulnerability from cvelistv5 – Published: 2020-05-18 21:53 – Updated: 2024-08-05 01:33
    VLAI
    Summary
    In Ivanti WorkSpace Control before 10.4.40.0, a user can elevate rights on the system by hijacking certain user registries. This is possible because pwrgrid.exe first checks the Current User registry hives (HKCU) when starting an application with elevated rights.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2020-05-18 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T01:33:17.067Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://forums.ivanti.com/s/article/A-locally-authenticated-user-with-low-privileges-can-acquire-admin-privileges-by-hijacking-certain-user-registry-entries"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2020-05-18T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "In Ivanti WorkSpace Control before 10.4.40.0, a user can elevate rights on the system by hijacking certain user registries. This is possible because pwrgrid.exe first checks the Current User registry hives (HKCU) when starting an application with elevated rights."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-05-18T21:53:20.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://forums.ivanti.com/s/article/A-locally-authenticated-user-with-low-privileges-can-acquire-admin-privileges-by-hijacking-certain-user-registry-entries"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2019-17066",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "In Ivanti WorkSpace Control before 10.4.40.0, a user can elevate rights on the system by hijacking certain user registries. This is possible because pwrgrid.exe first checks the Current User registry hives (HKCU) when starting an application with elevated rights."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://forums.ivanti.com/s/article/A-locally-authenticated-user-with-low-privileges-can-acquire-admin-privileges-by-hijacking-certain-user-registry-entries",
                  "refsource": "CONFIRM",
                  "url": "https://forums.ivanti.com/s/article/A-locally-authenticated-user-with-low-privileges-can-acquire-admin-privileges-by-hijacking-certain-user-registry-entries"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2019-17066",
        "datePublished": "2020-05-18T21:53:20.000Z",
        "dateReserved": "2019-10-01T00:00:00.000Z",
        "dateUpdated": "2024-08-05T01:33:17.067Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-11533 (GCVE-0-2020-11533)

    Vulnerability from cvelistv5 – Published: 2020-04-04 19:02 – Updated: 2024-08-04 11:35
    VLAI
    Summary
    Ivanti Workspace Control before 10.4.30.0, when SCCM integration is enabled, allows local users to obtain sensitive information (keying material).
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T11:35:13.208Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://forums.ivanti.com/s/article/A-locally-authenticated-user-with-low-privileges-can-recover-keying-material-due-to-an-unspecified-attack-vector"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Ivanti Workspace Control before 10.4.30.0, when SCCM integration is enabled, allows local users to obtain sensitive information (keying material)."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-04-04T19:02:47.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://forums.ivanti.com/s/article/A-locally-authenticated-user-with-low-privileges-can-recover-keying-material-due-to-an-unspecified-attack-vector"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2020-11533",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Ivanti Workspace Control before 10.4.30.0, when SCCM integration is enabled, allows local users to obtain sensitive information (keying material)."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://forums.ivanti.com/s/article/A-locally-authenticated-user-with-low-privileges-can-recover-keying-material-due-to-an-unspecified-attack-vector",
                  "refsource": "MISC",
                  "url": "https://forums.ivanti.com/s/article/A-locally-authenticated-user-with-low-privileges-can-recover-keying-material-due-to-an-unspecified-attack-vector"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2020-11533",
        "datePublished": "2020-04-04T19:02:47.000Z",
        "dateReserved": "2020-04-04T00:00:00.000Z",
        "dateUpdated": "2024-08-04T11:35:13.208Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }