Privilege escalation via crafted file in unknown system component
CVE-2023-41718 Published on November 15, 2023
When a particular process flow is initiated, an attacker may be able to gain unauthorized elevated privileges on the affected system when having control over a specific file.
Weakness Type
Incorrect Default Permissions
During installation, installed file permissions are set to allow anyone to modify those files.
Products Associated with CVE-2023-41718
Want to know whenever a new CVE is published for Ivanti Secure Access Client? stack.watch will email you.
Affected Versions
Ivanti Secure Access:- Version 22.6.1.1 and below 22.6.1.1 is affected.
Exploit Probability
EPSS
0.27%
Percentile
49.86%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.