CVE-2024-8496
CVSS 3.1 Score 7.8 of 10 (high)
Details
Summary
CVE-2024-8496 is a newly disclosed vulnerability affecting Ivanti Workspace Control prior to version 10.18.40.0. This issue permits a local authenticated attacker to exploit insecure permissions and escalate privileges within the system. The attacker can leverage this vulnerability to gain elevated access, potentially leading to unauthorized modifications or data exfiltration. By manipulating specific settings, an attacker can bypass intended access controls and escalate their privileges, posing a significant risk to organizations using the affected Ivanti Workspace Control version. It is strongly recommended that users upgrade to the latest version to mitigate this vulnerability.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.