vulnerability

Ivanti Secure Access Client: CVE-2023-41718: Incorrect Default Permissions

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:L/AC:L/Au:S/C:C/I:C/A:C)	Nov 9, 2023	Oct 9, 2025	Oct 9, 2025

Severity

CVSS

(AV:L/AC:L/Au:S/C:C/I:C/A:C)

Published

Nov 9, 2023

Added

Oct 9, 2025

Modified

Oct 9, 2025

Description

A vulnerability exists on all versions of the Ivanti Secure Access Client below 22.6R1 that would allow an unprivileged local user to gain unauthorized elevated privileges on the affected system.

Solution

ivanti-secure-access-client-upgrade-latest

References

URL-https://forums.ivanti.com/s/article/Security-fixes-included-in-the-latest-Ivanti-Secure-Access-Client-Release
CVE-2023-41718
https://attackerkb.com/topics/CVE-2023-41718
CWE-276

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today