CVE-2023-38543
https://notcve.org/view.php?id=CVE-2023-38543
A vulnerability exists on all versions of the Ivanti Secure Access Client below 22.6R1.1, which could allow a locally authenticated attacker to exploit a vulnerable configuration, potentially leading to a denial of service (DoS) condition on the user machine. Cuando un atacante local carga un componente específico y puede enviar una solicitud especialmente manipulada a este componente, el atacante podría obtener privilegios elevados en el sistema afectado. • https://forums.ivanti.com/s/article/Security-fixes-included-in-the-latest-Ivanti-Secure-Access-Client-Release https://northwave-cybersecurity.com/vulnerability-notice/denial-of-service-in-ivanti-secure-access-client-driver •
CVE-2023-38041
https://notcve.org/view.php?id=CVE-2023-38041
A logged in user may elevate its permissions by abusing a Time-of-Check to Time-of-Use (TOCTOU) race condition. When a particular process flow is initiated, an attacker can exploit this condition to gain unauthorized elevated privileges on the affected system. Un usuario que haya iniciado sesión puede elevar sus permisos abusando de una condición de ejecución de Tiempo de Check a Tiempo de Uso (TOCTOU). Cuando se inicia un flujo de proceso particular, un atacante puede aprovechar esta condición para obtener privilegios elevados no autorizados en el sistema afectado. • https://github.com/ewilded/CVE-2023-38041-POC https://forums.ivanti.com/s/article/CVE-2023-38041-New-client-side-release-to-address-a-privilege-escalation-on-Windows-user-machines?language=en_US • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVE-2023-24492
https://notcve.org/view.php?id=CVE-2023-24492
A vulnerability has been discovered in the Citrix Secure Access client for Ubuntu which, if exploited, could allow an attacker to remotely execute code if a victim user opens an attacker-crafted link and accepts further prompts. • https://support.citrix.com/article/CTX564169/citrix-secure-access-client-for-ubuntu-security-bulletin-for-cve202324492 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2023-24491
https://notcve.org/view.php?id=CVE-2023-24491
A vulnerability has been discovered in the Citrix Secure Access client for Windows which, if exploited, could allow an attacker with access to an endpoint with Standard User Account that has the vulnerable client installed to escalate their local privileges to that of NT AUTHORITY\SYSTEM. • https://support.citrix.com/article/CTX561480/citrix-secure-access-client-for-windows-security-bulletin-for-cve202324491 • CWE-269: Improper Privilege Management •