Version 10.18.50.0

CVE-2024-44107

DLL hijacking in the management console of Ivanti Workspace Control version 10.18.0.0 and below allows a local authenticated attacker to escalate their privileges and achieve arbitrary code execution.

HIGH CVSS 8.8 Published Sep 10, 2024

CVE-2024-44106

Insufficient server-side controls in the management console of Ivanti Workspace Control version 10.18.0.0 and below allows a local authenticated attacker to escalate their privileges.

HIGH CVSS 8.8 Published Sep 10, 2024

CVE-2024-44105

Cleartext transmission of sensitive information in the management console of Ivanti Workspace Control version 10.18.0.0 and below allows a local authenticated attacker to obtain OS credentials.

HIGH CVSS 8.2 Published Sep 10, 2024

CVE-2024-44104

An incorrectly implemented authentication scheme that is subjected to a spoofing attack in the management console of Ivanti Workspace Control version 10.18.0.0 and below allows a local authenticated attacker to escalate their privileges.

HIGH CVSS 8.8 Published Sep 10, 2024

CVE-2024-44103

DLL hijacking in the management console of Ivanti Workspace Control version 10.18.0.0 and below allows a local authenticated attacker to escalate their privileges.

HIGH CVSS 8.8 Published Sep 10, 2024

CVE-2024-8012

An authentication bypass weakness in the message broker service of Ivanti Workspace Control version 10.18.0.0 and below allows a local authenticated attacker to escalate their privileges.

HIGH CVSS 7.8 Published Sep 10, 2024