Skip to main content

Workspace Control CVE-2025-22455

| EUVDEUVD-2025-17685 HIGH
Use of Hard-coded Cryptographic Key (CWE-321)
2025-06-10 3c1d8aa1-5a33-4ea4-8992-aadd6440af75
8.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
8.8 HIGH
AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Changed
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

3
EUVD ID Assigned
Mar 14, 2026 - 19:49 euvd
EUVD-2025-17685
Analysis Generated
Mar 14, 2026 - 19:49 vuln.today
CVE Published
Jun 10, 2025 - 15:15 nvd
HIGH 8.8

DescriptionCVE.org

A hardcoded key in Ivanti Workspace Control before version 10.19.0.0 allows a local authenticated attacker to decrypt stored SQL credentials.

AnalysisAI

Cryptographic weakness in Ivanti Workspace Control prior to version 10.19.0.0 that uses a hardcoded encryption key to protect SQL database credentials stored locally. A local authenticated attacker with user-level privileges can exploit this to decrypt and extract stored SQL credentials without elevated permissions, potentially leading to lateral movement and data exfiltration. The CVSS 8.8 score reflects high severity due to confidentiality and integrity impacts across system boundaries, though exploitation requires local access and valid authentication.

Technical ContextAI

This vulnerability stems from CWE-321 (Use of Hard-Coded Cryptographic Key), a root cause where sensitive encryption keys are embedded in application binaries or configuration files rather than derived from runtime secrets or key management systems. Ivanti Workspace Control (an endpoint management and control solution) stores SQL database credentials encrypted locally for service operation. The hardcoded key enables any authenticated local user to decrypt these credentials using the same key embedded in the application binary. The vulnerability affects CPE entries for Ivanti Workspace Control versions before 10.19.0.0 (product identifier: ivanti:workspace_control). The credential storage mechanism likely uses symmetric encryption (AES or similar) with a static key, violating fundamental cryptographic best practices that require unique, non-predictable keys.

RemediationAI

Upgrade Ivanti Workspace Control to version 10.19.0.0 or later. This version contains cryptographic key hardening and likely implements dynamic key derivation or key management system integration.; priority: Critical; timeline: Immediate for systems in multi-user environments or handling sensitive data Workaround: Until patching, restrict local system access strictly to trusted administrators. Implement operating system-level access controls to limit unprivileged user login to Workspace Control host systems.; priority: High; effectiveness: Mitigates but does not eliminate risk—reduces attack surface by limiting authenticated local access Detection: Monitor for unusual access to Workspace Control installation directories and SQL credential files. Log and alert on any decryption utility execution or file system access by non-administrative accounts.; priority: High Credential Rotation: After patching, rotate all SQL database credentials managed by Workspace Control and audit database access logs for unauthorized activity during the vulnerable window.; priority: High

CVE-2018-15592 HIGH POC
7.8 Oct 15

An issue was discovered in Ivanti Workspace Control before 10.3.10.0 and RES One Workspace. Rated high severity (CVSS 7.

CVE-2018-15591 HIGH POC
7.8 Oct 15

An issue was discovered in Ivanti Workspace Control before 10.3.10.0 and RES One Workspace. Rated high severity (CVSS 7.

CVE-2025-5353 HIGH
8.8 Jun 10

Credential disclosure vulnerability in Ivanti Workspace Control versions before 10.19.10.0, where a hardcoded cryptograp

CVE-2024-8496 HIGH
7.8 Dec 11

Under specific circumstances, insecure permissions in Ivanti Workspace Control before version 10.18.40.0 allows a local

CVE-2024-8012 HIGH
7.8 Sep 10

An authentication bypass weakness in the message broker service of Ivanti Workspace Control before version 2025.2 (10.19

CVE-2024-44107 HIGH
7.8 Sep 10

DLL hijacking in the management console of Ivanti Workspace Control before version 2025.2 (10.19.0.0) allows a local aut

CVE-2024-44106 HIGH
7.8 Sep 10

Insufficient server-side controls in the management console of Ivanti Workspace Control before version 2025.2 (10.19.0.0

CVE-2024-44105 HIGH
7.8 Sep 10

Cleartext transmission of sensitive information in the management console of Ivanti Workspace Control before version 202

CVE-2024-44104 HIGH
7.8 Sep 10

An incorrectly implemented authentication scheme that is subjected to a spoofing attack in the management console of Iva

CVE-2024-44103 HIGH
7.8 Sep 10

DLL hijacking in the management console of Ivanti Workspace Control before version 2025.2 (10.19.0.0) allows a local aut

CVE-2021-36235 HIGH
7.8 Sep 01

An issue was discovered in Ivanti Workspace Control before 10.6.30.0. Rated high severity (CVSS 7.8), this vulnerability

CVE-2019-19675 HIGH
7.8 Dec 17

In Ivanti Workspace Control before 10.3.180.0. Rated high severity (CVSS 7.8), this vulnerability is low attack complexi

Share

CVE-2025-22455 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy