Ivanti Secure Access Linux up to 22.7 Local Privilege Escalation
| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 7.4 | $0-$5k | 0.00 |
Summary
A vulnerability was found in Ivanti Secure Access Linux up to 22.7. It has been classified as critical. The affected element is an unknown function. The manipulation leads to Local Privilege Escalation. This vulnerability is traded as CVE-2023-46810. An attack has to be approached locally. There is no exploit available. Upgrading the affected component is recommended.
Details
A vulnerability, which was classified as critical, has been found in Ivanti Secure Access Linux up to 22.7. This issue affects an unknown code block. The manipulation with an unknown input leads to a local privilege escalation vulnerability. Impacted is confidentiality, integrity, and availability. The summary by CVE is:
A local privilege escalation vulnerability in Ivanti Secure Access Client for Linux before 22.7R1, allows a low privileged user to execute code as root.
The advisory is shared at forums.ivanti.com. The identification of this vulnerability is CVE-2023-46810 since 10/27/2023. The exploitation is known to be easy. An attack has to be approached locally. Neither technical details nor an exploit are publicly available.
The vulnerability scanner Nessus provides a plugin with the ID 213168 (Ivanti Secure Access 22.x Multiple Vulnerabilities), which helps to determine the existence of the flaw in a target environment.
Upgrading to version 22.7R1 eliminates this vulnerability.
The vulnerability is also documented in the vulnerability database at Tenable (213168). If you want to get the best quality for vulnerability data then you always have to consider VulDB.
Product
Vendor
Name
Version
License
CPE 2.3
CPE 2.2
CVSSv4
VulDB Vector: 🔍VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 7.6VulDB Meta Temp Score: 7.4
VulDB Base Score: 7.8
VulDB Temp Score: 7.5
VulDB Vector: 🔍
VulDB Reliability: 🔍
CNA Base Score: 7.3
CNA Vector: 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
Exploiting
Class: Local Privilege EscalationCWE: Unknown
CAPEC: 🔍
ATT&CK: 🔍
Physical: Partially
Local: Yes
Remote: Partially
Availability: 🔍
Status: Not defined
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
| 0-Day | Unlock | Unlock | Unlock | Unlock |
|---|---|---|---|---|
| Today | Unlock | Unlock | Unlock | Unlock |
Nessus ID: 213168
Nessus Name: Ivanti Secure Access 22.x Multiple Vulnerabilities
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: UpgradeStatus: 🔍
0-Day Time: 🔍
Upgrade: Secure Access Linux 22.7R1
Timeline
10/27/2023 🔍05/31/2024 🔍
05/31/2024 🔍
12/18/2024 🔍
Sources
Advisory: forums.ivanti.comStatus: Confirmed
CVE: CVE-2023-46810 (🔍)
GCVE (CVE): GCVE-0-2023-46810
GCVE (VulDB): GCVE-100-266789
Entry
Created: 05/31/2024 20:05Updated: 12/18/2024 20:15
Changes: 05/31/2024 20:05 (60), 06/03/2024 10:03 (1), 12/18/2024 20:15 (2)
Complete: 🔍
Cache ID: 216::103
If you want to get the best quality for vulnerability data then you always have to consider VulDB.
I have been unable to find "ivanti:secure_access_linux" in the NVD NIST dictionary. I have found that "ivanti:secure_access_client" is a valid CPE in the NVD NIST dictionary.
I would appreciate it if you could change the CPE to "ivanti:secure_access_client" as soon as possible.
Thank you for your time and consideration.
Sincerely,
TEAM CERT
Do you know our Splunk app?
Download it now for free!