Ivanti Workspace Control — known CVE vulnerabilities
Every CVE whose affected-product data names Ivanti Workspace Control, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (22)
CVE-2019-16382 — CVSS 9.8 (critical): An issue was discovered in Ivanti Workspace Control 10.3.110.0. One is able to bypass Ivanti's FileGuard folder protection by renaming the…
CVE-2025-22455 — CVSS 8.8 (high): A hardcoded key in Ivanti Workspace Control before version 10.19.0.0 allows a local authenticated attacker to decrypt stored SQL…
CVE-2024-44107 — CVSS 8.8 (high): DLL hijacking in the management console of Ivanti Workspace Control before version 2025.2 (10.19.0.0) allows a local authenticated attacker…
CVE-2024-44103 — CVSS 8.8 (high): DLL hijacking in the management console of Ivanti Workspace Control before version 2025.2 (10.19.0.0) allows a local authenticated attacker…
CVE-2024-44104 — CVSS 8.8 (high): An incorrectly implemented authentication scheme that is subjected to a spoofing attack in the management console of Ivanti Workspace…
CVE-2024-44106 — CVSS 8.8 (high): Insufficient server-side controls in the management console of Ivanti Workspace Control before version 2025.2 (10.19.0.0) allows a local…
CVE-2025-5353 — CVSS 8.8 (high): A hardcoded key in Ivanti Workspace Control before version 10.19.10.0 allows a local authenticated attacker to decrypt stored SQL…
CVE-2024-44105 — CVSS 8.2 (high): Cleartext transmission of sensitive information in the management console of Ivanti Workspace Control before version 2025.2 (10.19.0.0)…
CVE-2024-8496 — CVSS 7.8 (high): Under specific circumstances, insecure permissions in Ivanti Workspace Control before version 10.18.40.0 allows a local authenticated…
CVE-2018-15593 — CVSS 7.8 (high): An issue was discovered in Ivanti Workspace Control before 10.3.10.0 and RES One Workspace. A local authenticated user can decrypt the…
CVE-2019-10885 — CVSS 7.8 (high): An issue was discovered in Ivanti Workspace Control before 10.3.90.0. Local authenticated users with low privileges in a Workspace Control…
CVE-2019-17066 — CVSS 7.8 (high): In Ivanti WorkSpace Control before 10.4.40.0, a user can elevate rights on the system by hijacking certain user registries. This is…
CVE-2019-19675 — CVSS 7.8 (high): In Ivanti Workspace Control before 10.3.180.0. a locally authenticated user with low privileges can bypass Managed Application Security by…
CVE-2018-15591 — CVSS 7.8 (high): An issue was discovered in Ivanti Workspace Control before 10.3.10.0 and RES One Workspace. A local authenticated user can bypass…
CVE-2021-36235 — CVSS 7.8 (high): An issue was discovered in Ivanti Workspace Control before 10.6.30.0. A locally authenticated user with low privileges can bypass File and…
CVE-2018-15592 — CVSS 7.8 (high): An issue was discovered in Ivanti Workspace Control before 10.3.10.0 and RES One Workspace. A local authenticated user can execute…
CVE-2024-8012 — CVSS 7.8 (high): An authentication bypass weakness in the message broker service of Ivanti Workspace Control before version 2025.2 (10.19.0.0) allows a…
CVE-2025-22463 — CVSS 7.3 (high): A hardcoded key in Ivanti Workspace Control before version 10.19.10.0 allows a local authenticated attacker to decrypt the stored…
CVE-2022-21823 — CVSS 5.5 (medium): A insecure storage of sensitive information vulnerability exists in Ivanti Workspace Control <2021.2 (10.7.30.0) that could allow an…
CVE-2020-11533 — CVSS 5.5 (medium): Ivanti Workspace Control before 10.4.30.0, when SCCM integration is enabled, allows local users to obtain sensitive information (keying…
CVE-2018-15590 — CVSS 5.5 (medium): An issue was discovered in Ivanti Workspace Control before 10.3.0.0 and RES One Workspace, when file and folder security are configured. A…