EUVD-2026-29486
GHSA-3p86-c4c4-99r5
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
2DescriptionNVD
A race condition in Ivanti Secure Access Client before 22.8R6 allows a locally authenticated user to escalate privileges to SYSTEM
AnalysisAI
Race condition in Ivanti Secure Access Client enables local privilege escalation to SYSTEM from low-privileged accounts. Affects versions before 22.8R6. …
Sign in for full analysis, threat intelligence, and remediation guidance.
RemediationAI
Within 24 hours: Inventory all systems running Ivanti Secure Access Client and document current versions via endpoint management tools; notify affected user populations that local account compromise poses elevated risk. Within 7 days: Restrict local administrative access and enforce application whitelisting where feasible; deploy endpoint detection and response (EDR) rules to flag suspicious privilege escalation attempts on Ivanti processes; evaluate isolation or network segmentation of high-value systems. …
Sign in for detailed remediation steps.
More from same product – last 7 days
Share
External POC / Exploit Code
Leaving vuln.today