CVE-2024-44107
HIGHIvanti Workspace Control < 10.18.99.0 - Uncontrolled Search Path
Title source: ruleDescription
DLL hijacking in the management console of Ivanti Workspace Control before version 2025.2 (10.19.0.0) allows a local authenticated attacker to escalate their privileges and achieve arbitrary code execution.
Scores
CVSS v3
8.8
EPSS
0.0040
EPSS Percentile
60.4%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Classification
CWE
CWE-427
Status
published
Affected Products (1)
ivanti/workspace_control
< 10.18.99.0
Timeline
Published
Sep 10, 2024
Tracked Since
Feb 18, 2026