Ivanti Workspace Control

10 CVEs affecting Ivanti Workspace Control. Latest disclosed: 2025-06-10. Critical: 0, High: 10.

Top CVEs affecting Ivanti Workspace Control
CVESeverityScorePublishedSummary
CVE-2025-5353High8.82025-06-10A hardcoded key in Ivanti Workspace Control before version 10.19.10.0 allows a local authenticated attacker to decrypt stored SQL credentials.
CVE-2025-22455High8.82025-06-10A hardcoded key in Ivanti Workspace Control before version 10.19.0.0 allows a local authenticated attacker to decrypt stored SQL credentials.
CVE-2024-44107High8.82024-09-10DLL hijacking in the management console of Ivanti Workspace Control before version 2025.2 (10.19.0.0) allows a local authenticated attacker to escalate their p…
CVE-2024-44106High8.82024-09-10Insufficient server-side controls in the management console of Ivanti Workspace Control before version 2025.2 (10.19.0.0) allows a local authenticated attacker…
CVE-2024-44104High8.82024-09-10An incorrectly implemented authentication scheme that is subjected to a spoofing attack in the management console of Ivanti Workspace Control before version 20…
CVE-2024-44103High8.82024-09-10DLL hijacking in the management console of Ivanti Workspace Control before version 2025.2 (10.19.0.0) allows a local authenticated attacker to escalate their p…
CVE-2024-44105High8.22024-09-10Cleartext transmission of sensitive information in the management console of Ivanti Workspace Control before version 2025.2 (10.19.0.0) allows a local authent…
CVE-2024-8496High7.82024-12-11Under specific circumstances, insecure permissions in Ivanti Workspace Control before version 10.18.40.0 allows a local authenticated attacker to achieve local…
CVE-2024-8012High7.82024-09-10An authentication bypass weakness in the message broker service of Ivanti Workspace Control before version 2025.2 (10.19.0.0) allows a local authenticated atta…
CVE-2025-22463High7.32025-06-10A hardcoded key in Ivanti Workspace Control before version 10.19.10.0 allows a local authenticated attacker to decrypt the stored environment password.