CVE-2024-10630

Summary

A race condition in Ivanti Application Control Engine before version 10.14.4.0 allows a local authenticated attacker to bypass the application blocking functionality.

Affected Software

VendorProductVersion RangeStatus
IvantiApplication Control Engine10.14.4.0unaffected

Weaknesses

  • CWE-366: CWE-366: Race Condition within a Thread

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References