CVE-2019-16382

Name of the Vulnerable Software and Affected Versions Ivanti Workspace Control version 10.3.110.0

Description An issue allows bypassing Ivanti's FileGuard folder protection by renaming the WMTemp work folder used by PowerGrid, enabling the creation of a malicious PowerGrid XML file. After renaming the folder back to its original value, exploitation can be achieved by using PowerGrid with the /SEE parameter to execute an arbitrary command specified in the XML file.

Recommendations For Ivanti Workspace Control version 10.3.110.0, consider restricting access to the PowerGrid XML file and the WMTemp work folder to minimize the risk of exploitation. As a temporary workaround, avoid using the /SEE parameter with PowerGrid until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.