CVE-2019-17066

Published: May 18, 2020Modified: Nov 21, 2024

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

In Ivanti WorkSpace Control before 10.4.40.0, a user can elevate rights on the system by hijacking certain user registries. This is possible because pwrgrid.exe first checks the Current User registry hives (HKCU) when starting an application with elevated rights.

Affected (1)

Products: Ivanti: Workspace Control

1 product

Workspace Control

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Ivanti Workspace Control	Before 10.4.40.0

Related CWEs

Improper Privilege Management

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

References (2)

https://forums.ivanti.com/s/article/A-locally-authenticated-user-with-low-privileges-can-acquire-admin-privileges-by-hijacking-certain-user-registry-entries

Source: cve@mitre.org

Vendor Advisory

https://forums.ivanti.com/s/article/A-locally-authenticated-user-with-low-privileges-can-acquire-admin-privileges-by-hijacking-certain-user-registry-entries

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.