vulnerability
Ivanti Pulse Connect Secure: CVE-2024-21888 Privilege Escalation for Ivanti Connect Secure and Ivanti Policy Secure
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:N/C:C/I:P/A:N) | Jan 31, 2024 | Feb 1, 2024 | Nov 21, 2025 |
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:C/I:P/A:N)
Published
Jan 31, 2024
Added
Feb 1, 2024
Modified
Nov 21, 2025
Description
As part of our ongoing investigation into the vulnerabilities reported on 10 January in Ivanti Connect Secure, Ivanti Policy Secure and ZTA gateways, we have discovered new vulnerabilities. These vulnerabilities impact all supported versions – Version 9.x and 22.x (refer to Granular Software Release EOL Timelines and Support Matrix for supported versions).
Solutions
pulse-secure-pulse-connect-secure-upgrade-22_2r3pulse-secure-pulse-connect-secure-upgrade-22_4r2_2pulse-secure-pulse-connect-secure-upgrade-22_5r2_2pulse-secure-pulse-connect-secure-upgrade-9_1r18_3
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.