CVE-2024-21888
Description: A privilege escalation vulnerability in web component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows a user to elevate privileges to that of an administrator.
The vendor advisory indicates that this privilege escalation vulnerability is located in the web component of Ivanti Connect Secure (ICS) and Ivanti Policy Secure. The vendor has stated that the vulnerability was not known to be exploited in the wild at the time of disclosure. The vulnerability allows an authenticated ICS user account to elevate its privileges to those of an ICS administrator account (and not to the local operating system root account).
ICS is a common enterprise VPN solution and has been a popular target as an initial access vector. I have rated this vulnerability with an Attacker Value of Medium for this reason, although, as a privilege escalation vulnerability, it is less valuable than an unauthenticated RCE vulnerability that achieves code execution with root privileges. I have not given an Exploitability rating as there are no known public details regarding exploitation.