CVE-2023-35080

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Nov 15, 2023
Updated: Jan 7, 2025
CWE ID 276

Summary

CVE-2023-35080 is a recently disclosed vulnerability affecting the Ivanti Secure Access Windows client. This issue grants locally authenticated attackers the ability to exploit a vulnerable configuration. The consequences of this vulnerability can be severe, including the escalation of privileges, denial of service attacks, and information disclosure. It is crucial for organizations using Ivanti Secure Access to apply the necessary patches as soon as possible to mitigate these risks. Failure to do so may leave systems vulnerable to exploitation.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Ivanti Secure Access Client

Affected Vendors

  • Ivanti Software Inc.