CVE-2019-17066

Name of the Vulnerable Software and Affected Versions Ivanti WorkSpace Control versions prior to 10.4.40.0

Description A user can elevate rights on the system by hijacking certain user registries. This is possible because pwrgrid.exe first checks the Current User registry hives (HKCU) when starting an application with elevated rights.

Recommendations For versions prior to 10.4.40.0, update to version 10.4.40.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the pwrgrid.exe executable to minimize the risk of exploitation.