CVE-2024-11598

Name of the Vulnerable Software and Affected Versions Ivanti Application Control versions prior to 2024.3 HF1 Ivanti Application Control versions prior to 2024.1 HF2 Ivanti Application Control versions prior to 2023.3 HF3

Description Under specific circumstances, insecure permissions in Ivanti Application Control allow a local authenticated attacker to achieve local privilege escalation.

Recommendations For versions prior to 2024.3 HF1, update to version 2024.3 HF1 or later. For versions prior to 2024.1 HF2, update to version 2024.1 HF2 or later. For versions prior to 2023.3 HF3, update to version 2023.3 HF3 or later.