CVE-2023-38543
https://notcve.org/view.php?id=CVE-2023-38543
A vulnerability exists on all versions of the Ivanti Secure Access Client below 22.6R1.1, which could allow a locally authenticated attacker to exploit a vulnerable configuration, potentially leading to a denial of service (DoS) condition on the user machine. Cuando un atacante local carga un componente específico y puede enviar una solicitud especialmente manipulada a este componente, el atacante podría obtener privilegios elevados en el sistema afectado. • https://forums.ivanti.com/s/article/Security-fixes-included-in-the-latest-Ivanti-Secure-Access-Client-Release https://northwave-cybersecurity.com/vulnerability-notice/denial-of-service-in-ivanti-secure-access-client-driver •
CVE-2023-38041
https://notcve.org/view.php?id=CVE-2023-38041
A logged in user may elevate its permissions by abusing a Time-of-Check to Time-of-Use (TOCTOU) race condition. When a particular process flow is initiated, an attacker can exploit this condition to gain unauthorized elevated privileges on the affected system. Un usuario que haya iniciado sesión puede elevar sus permisos abusando de una condición de ejecución de Tiempo de Check a Tiempo de Uso (TOCTOU). Cuando se inicia un flujo de proceso particular, un atacante puede aprovechar esta condición para obtener privilegios elevados no autorizados en el sistema afectado. • https://github.com/ewilded/CVE-2023-38041-POC https://forums.ivanti.com/s/article/CVE-2023-38041-New-client-side-release-to-address-a-privilege-escalation-on-Windows-user-machines?language=en_US • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •