Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2023-35080

Published: 15/11/2023 Updated: 22/11/2023
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 0
Subscribe to Secure Access Client

Vulnerability Summary

A vulnerability has been identified in the Ivanti Secure Access Windows client, which could allow a locally authenticated malicious user to exploit a vulnerable configuration, potentially leading to various security risks, including the escalation of privileges, denial of service, or information disclosure.

Vulnerable Product Search on Vulmon Subscribe to Product

ivanti secure_access_client

ivanti secure_access_client 22.6

Github Repositories

https://github.com/HopHouse/Ivanti-Pulse_VPN-Client_Exploit-CVE-2023-35080_Privilege-escalation

Ivanti/Pulse VPN Client Exploit of CVE-2023-35080 leading to a privilege escalation Code related to the exploitation of the CVE-2023-35080 which leverages a write primitive in the Ivanti/Pulse VPN client kernel driver in Windows The write primitive conducts to a privilege escalation The exploit was built with the help of the technical details shared in the following article :

References

NVD-CWE-noinfohttps://forums.ivanti.com/s/article/Security-fixes-included-in-the-latest-Ivanti-Secure-Access-Client-Releasehttps://nvd.nist.govhttps://github.com/HopHouse/Ivanti-Pulse_VPN-Client_Exploit-CVE-2023-35080_Privilege-escalation
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463CVE-2024-29895injectCVE-2023-52689CVE-2024-5049CVE-2024-5051privilege escalationphysicalCVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook