CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-38042
https://notcve.org/view.php?id=CVE-2023-38042
31 May 2024 — A local privilege escalation vulnerability in Ivanti Secure Access Client for Windows allows a low privileged user to execute code as SYSTEM. Una vulnerabilidad de escalada de privilegios local en Ivanti Secure Access Client para Windows permite a un usuario con pocos privilegios ejecutar código como SYSTEM. • https://forums.ivanti.com/s/article/Security-Advisory-May-2024?language=en_US • CWE-250: Execution with Unnecessary Privileges •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2023-24492
https://notcve.org/view.php?id=CVE-2023-24492
11 Jul 2023 — A vulnerability has been discovered in the Citrix Secure Access client for Ubuntu which, if exploited, could allow an attacker to remotely execute code if a victim user opens an attacker-crafted link and accepts further prompts. A vulnerability has been discovered in the Citrix Secure Access client for Ubuntu which, if exploited, could allow an attacker to remotely execute code if a victim user opens an attacker-crafted link and accepts further prompts. • https://support.citrix.com/article/CTX564169/citrix-secure-access-client-for-ubuntu-security-bulletin-for-cve202324492 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-24491
https://notcve.org/view.php?id=CVE-2023-24491
11 Jul 2023 — A vulnerability has been discovered in the Citrix Secure Access client for Windows which, if exploited, could allow an attacker with access to an endpoint with Standard User Account that has the vulnerable client installed to escalate their local privileges to that of NT AUTHORITY\SYSTEM. A vulnerability has been discovered in the Citrix Secure Access client for Windows which, if exploited, could allow an attacker with access to an endpoint with Standard User Account that has the vulnerable client installed... • https://support.citrix.com/article/CTX561480/citrix-secure-access-client-for-windows-security-bulletin-for-cve202324491 • CWE-269: Improper Privilege Management •