Secure access client
This hub aggregates every CVE we track for Secure access client, a product in the cloud saas space. Use it to gauge the current risk picture and drill into individual advisories.
23
CVEs tracked
0
Critical
17
High
0
In CISA KEV
Severity distribution
HIGH17MEDIUM6
Monthly trend
0
0
0
6
0
0
3
0
0
0
1
0
0
0
0
0
0
0
0
0
0
3
0
0
2024-082026-07
Latest CVEs
The 15 most recently published vulnerabilities affecting Secure access client.
- CVE-2026-8992An improper certificate validation vulnerability in Ivanti Secure Access Client before 22.8R6 allows a remote unauthenticated attacker to execute arbitrary code.8.8
- CVE-2026-7432A race condition in Ivanti Secure Access Client before 22.8R6 allows a locally authenticated user to escalate privileges to SYSTEM7.8
- CVE-2026-7431An incorrect permission assignment for critical resource of Ivanti Secure Access Client before 22.8R6 allows a local authenticated user to read or modify sensitive log data via write access to ...4.4
- CVE-2025-0320Citrix Secure Access - Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges7.8
- CVE-2025-1223An attacker can gain application privileges in order to perform limited modification and/or read arbitrary data6.1
- CVE-2025-1222An attacker can gain application privileges in order to perform limited modification and/or read arbitrary data6.1
- CVE-2024-13813Insufficient permissions in Ivanti Secure Access Client before version 22.8R1 allows a local authenticated attacker to delete arbitrary files.7.1
- CVE-2024-37398Insufficient validation in Ivanti Secure Access Client before 22.7R4 allows a local authenticated attacker to escalate their privileges.7.8
- CVE-2024-38654Improper bounds checking in Ivanti Secure Access Client before version 22.7R3 allows a local authenticated attacker with admin privileges to cause a denial of service.4.4
- CVE-2024-7571Incorrect permissions in Ivanti Secure Access Client before 22.7R4 allows a local authenticated attacker to escalate their privileges.7.8
- CVE-2024-9843A buffer over-read in Ivanti Secure Access Client before 22.7R4 allows a local unauthenticated attacker to cause a denial of service.5.0
- CVE-2024-9842Incorrect permissions in Ivanti Secure Access Client before version 22.7R4 allows a local authenticated attacker to create arbitrary folders.7.3
- CVE-2024-8539Improper authorization in Ivanti Secure Access Client before version 22.7R3 allows a local authenticated attacker to modify sensitive configuration files.7.1
- CVE-2023-46810A local privilege escalation vulnerability in Ivanti Secure Access Client for Linux before 22.7R1, allows a low privileged user to execute code as root. 7.3
- CVE-2023-38042A local privilege escalation vulnerability in Ivanti Secure Access Client for Windows allows a low privileged user to execute code as SYSTEM. 7.8
Product normalization is registry-driven with AI assist and human review. How it works