Ivanti Security Controls — known CVE vulnerabilities
Every CVE whose affected-product data names Ivanti Security Controls, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2024-10251 — CVSS 7.8 (high): Under specific circumstances, insecure permissions in Ivanti Security Controls before version 2024.4.1 allows a local authenticated…
CVE-2024-10630 — CVSS 7.8 (high): A race condition in Ivanti Application Control Engine before version 10.14.4.0 allows a local authenticated attacker to bypass the…
CVE-2024-10256 — CVSS 7.1 (high): Insufficient permissions in Ivanti Patch SDK before version 9.7.703 allows a local authenticated attacker to delete arbitrary files.