CVE-2023-41726
CVSS 3.1 Score 7.8 of 10 (high)
Details
Summary
CVE-2023-41726 is a newly disclosed vulnerability affecting Ivanti Avalanche. The issue stems from incorrect default permissions, granting local users the ability to escalate privileges. This can potentially enable attackers to gain elevated access and exploit the system, leading to significant security risks. Ivanti has released a patch to address this vulnerability and urges users to apply it promptly to mitigate potential threats. Unpatched systems are left vulnerable to attacks, allowing unauthorized users to potentially access sensitive data or gain administrative control.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- Ivanti Avalanche
Affected Vendors
- Ivanti Software Inc.