CVE-2023-35080
CVSS 3.1 Score 7.8 of 10 (high)
Details
Published Nov 15, 2023
Updated: Jan 7, 2025
CWE ID 276
Summary
CVE-2023-35080 is a recently disclosed vulnerability affecting the Ivanti Secure Access Windows client. This issue grants locally authenticated attackers the ability to exploit a vulnerable configuration. The consequences of this vulnerability can be severe, including the escalation of privileges, denial of service attacks, and information disclosure. It is crucial for organizations using Ivanti Secure Access to apply the necessary patches as soon as possible to mitigate these risks. Failure to do so may leave systems vulnerable to exploitation.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Ivanti Secure Access Client
Affected Vendors
- Ivanti Software Inc.