CVE-2024-38654

Summary

Improper bounds checking in Ivanti Secure Access Client before version 22.7R3 allows a local authenticated attacker with admin privileges to cause a denial of service.

Affected Software

VendorProductVersion RangeStatus
IvantiSecure Access Client22.7R3 < 22.7R3affected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References