EUVD-2025-17685 | CVE-2025-22455
Severity: HIGH 8.8 (CVSS 3.1)
Published: 2025-06-10
Source ID: 3c1d8aa1-5a33-4ea4-8992-aadd6440af75

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Changed
Confidentiality: High
Integrity: High
Availability: High

Lifecycle Timeline

Analysis Generated: Mar 14, 2026 - 19:49 (vuln.today)
EUVD ID Assigned: Mar 14, 2026 - 19:49 (euvd), EUVD-2025-17685
CVE Published: Jun 10, 2025 - 15:15 (nvd), HIGH 8.8

Description

A hardcoded key in Ivanti Workspace Control before version 10.19.0.0 allows a local authenticated attacker to decrypt stored SQL credentials.

Analysis

Cryptographic weakness in Ivanti Workspace Control prior to version 10.19.0.0: the product protects locally stored SQL database credentials with a hardcoded encryption key. A local authenticated attacker with ordinary user-level privileges can use that key to decrypt and extract the stored SQL credentials without any privilege escalation, and then use them for lateral movement to the database server and data exfiltration. The CVSS 8.8 score reflects high confidentiality, integrity and availability impact that reaches beyond the vulnerable component (Scope: Changed, since the recovered credentials grant access to a separate database system); exploitation is constrained by the need for local access and a valid account.

Technical Context

This vulnerability stems from CWE-321 (Use of Hard-Coded Cryptographic Key), a root cause in which the encryption key is embedded in application binaries or configuration files rather than derived from a runtime secret or obtained from a key management system. Ivanti Workspace Control (an endpoint management and control solution) stores SQL database credentials encrypted locally so its services can reach the database. Because the key is hardcoded, it is identical on every installation and can be extracted from any copy of the software, so any authenticated local user who can read the credential store can decrypt it with that same key. NVD's CPE match covers Ivanti Workspace Control versions before 10.19.0.0 (product identifier: ivanti:workspace_control). The exact storage mechanism is not documented in the advisory; it likely uses symmetric encryption (AES or similar) with a static key. The strength of the cipher is irrelevant in that design: against a local reader who can obtain the key, a static-key encryption layer is only obfuscation. Sound practice requires a key that is unique per installation, unpredictable, and held where the decrypting service (and not every local user) can read it.
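The following is an added illustration of the CWE-321 pattern described above and of the per-installation alternative; it is not Ivanti code and says nothing about Workspace Control's actual implementation. Because the Python standard library has no AES, the cipher is HMAC-SHA256 in counter mode with an encrypt-then-MAC tag, a stand-in for an AEAD such as AES-GCM. The key value, function names, and the sample connection string are all constructed for the example.

```python
"""Hardcoded-key credential storage (CWE-321) beside a per-install key.

Added example, not Ivanti code. HMAC-CTR + HMAC tag stands in for AES-GCM
because the stdlib has no AES. Every constant below is a constructed placeholder.
"""
import hashlib
import hmac
import secrets

# The anti-pattern: one key baked into every copy of the product. Anyone who
# can read the binary (every local user) can recover this value.
HARDCODED_KEY = bytes.fromhex("00112233445566778899aabbccddeeff" * 2)  # placeholder


def _hkdf_expand(prk: bytes, info: bytes, length: int = 32) -> bytes:
    """RFC 5869 HKDF-Expand with HMAC-SHA256 (prk is already uniformly random)."""
    out, block, counter = b"", b"", 1
    while len(out) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        out += block
        counter += 1
    return out[:length]


def _keystream(enc_key: bytes, nonce: bytes, length: int) -> bytes:
    """Counter-mode keystream: block i = HMAC(enc_key, nonce || i)."""
    blocks = [hmac.new(enc_key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range((length + 31) // 32)]
    return b"".join(blocks)[:length]


def seal(master_key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC with keys separated by purpose: nonce || ct || tag."""
    enc_key = _hkdf_expand(master_key, b"cred-enc")
    mac_key = _hkdf_expand(master_key, b"cred-mac")
    nonce = secrets.token_bytes(16)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def open_blob(master_key: bytes, blob: bytes) -> bytes:
    """Verify the tag in constant time, then decrypt; raise on wrong key or tampering."""
    if len(blob) < 48:
        raise ValueError("blob too short")
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    enc_key = _hkdf_expand(master_key, b"cred-enc")
    mac_key = _hkdf_expand(master_key, b"cred-mac")
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong key or tampered blob")
    return bytes(c ^ k for c, k in zip(ct, _keystream(enc_key, nonce, len(ct))))


# Vulnerable storage: every installation seals with HARDCODED_KEY.
def store_sql_credentials_hardcoded(creds: bytes) -> bytes:
    return seal(HARDCODED_KEY, creds)


def local_user_recovers(blob: bytes) -> bytes:
    """What the low-privileged local user does: reuse the key pulled from the binary."""
    return open_blob(HARDCODED_KEY, blob)


# Hardened storage: the key is derived from a per-install secret readable only
# by the service account (e.g. DPAPI under the service identity on Windows, or
# an ACL-restricted file), so the binary alone is not enough to decrypt.
def derive_install_key(install_secret: bytes) -> bytes:
    return _hkdf_expand(install_secret, b"cred-master")


def store_sql_credentials_per_install(install_secret: bytes, creds: bytes) -> bytes:
    return seal(derive_install_key(install_secret), creds)


def demo() -> dict:
    """Contrast both designs; returns which parties can recover the credential."""
    creds = b"Server=sql01;User Id=wc_svc;Password=example-only"  # constructed sample
    vuln_blob = store_sql_credentials_hardcoded(creds)
    install_a, install_b = secrets.token_bytes(32), secrets.token_bytes(32)
    hard_blob = store_sql_credentials_per_install(install_a, creds)
    results = {
        "hardcoded_recovered_by_local_user": local_user_recovers(vuln_blob) == creds,
        "owner_service_decrypts": open_blob(derive_install_key(install_a), hard_blob) == creds,
    }
    for label, key in (("other_install_decrypts", derive_install_key(install_b)),
                       ("binary_key_alone_decrypts", HARDCODED_KEY)):
        try:
            open_blob(key, hard_blob)
            results[label] = True
        except ValueError:
            results[label] = False
    return results


if __name__ == "__main__":
    print(demo())
```

Running `demo()` shows the asymmetry the advisory describes: with the hardcoded key, the blob from any host decrypts with the key extracted from the software, while with a per-install secret the same blob is useless to a key from another installation or to the binary's own constant. Note that moving the secret to a file is only a fix if that file's ACL excludes ordinary users; a per-install secret that any local user can read reproduces the original problem.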

Affected Products

Ivanti Workspace Control, all versions before 10.19.0.0. Version 10.19.0.0 and later contain the fix and are not affected.

Remediation

Patch (priority: Critical; timeline: immediate for systems in multi-user environments or handling sensitive data): Upgrade Ivanti Workspace Control to version 10.19.0.0 or later. This version hardens the credential encryption; the advisory does not describe the change, but it likely replaces the static key with dynamic key derivation or key management system integration.

Workaround (priority: High; effectiveness: mitigates but does not eliminate risk, since it only reduces the set of accounts that can reach the credential store): Until patching, restrict local access to Workspace Control host systems to trusted administrators. Use operating system-level access controls (local logon restrictions, file system ACLs on the installation and credential store directories) so unprivileged users cannot log on to, or read from, those hosts.

Detection (priority: High): Monitor and alert on file system access to the Workspace Control installation directories and the stored SQL credential files by non-administrative accounts or by processes other than the Workspace Control services, and on any unexpected use of the recovered SQL account from hosts other than the Workspace Control servers.

Credential Rotation (priority: High): After patching, rotate all SQL database credentials managed by Workspace Control and audit database access logs for unauthorized activity during the vulnerable window.

Priority Score

44 (scale: Low / Medium / High / Critical)
KEV: 0
EPSS: +0.3
CVSS: +44
POC: 0


EUVD-2025-17685 vulnerability details – vuln.today
