Ivanti Workspace Control
10 CVEs affecting Ivanti Workspace Control. Latest disclosed: 2025-06-10. Critical: 0, High: 10.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-5353 | High | 8.8 | 2025-06-10 | A hardcoded key in Ivanti Workspace Control before version 10.19.10.0 allows a local authenticated attacker to decrypt stored SQL credentials. |
CVE-2025-22455 | High | 8.8 | 2025-06-10 | A hardcoded key in Ivanti Workspace Control before version 10.19.0.0 allows a local authenticated attacker to decrypt stored SQL credentials. |
CVE-2024-44107 | High | 8.8 | 2024-09-10 | DLL hijacking in the management console of Ivanti Workspace Control before version 2025.2 (10.19.0.0) allows a local authenticated attacker to escalate their p… |
CVE-2024-44106 | High | 8.8 | 2024-09-10 | Insufficient server-side controls in the management console of Ivanti Workspace Control before version 2025.2 (10.19.0.0) allows a local authenticated attacker… |
CVE-2024-44104 | High | 8.8 | 2024-09-10 | An incorrectly implemented authentication scheme that is subjected to a spoofing attack in the management console of Ivanti Workspace Control before version 20… |
CVE-2024-44103 | High | 8.8 | 2024-09-10 | DLL hijacking in the management console of Ivanti Workspace Control before version 2025.2 (10.19.0.0) allows a local authenticated attacker to escalate their p… |
CVE-2024-44105 | High | 8.2 | 2024-09-10 | Cleartext transmission of sensitive information in the management console of Ivanti Workspace Control before version 2025.2 (10.19.0.0) allows a local authent… |
CVE-2024-8496 | High | 7.8 | 2024-12-11 | Under specific circumstances, insecure permissions in Ivanti Workspace Control before version 10.18.40.0 allows a local authenticated attacker to achieve local… |
CVE-2024-8012 | High | 7.8 | 2024-09-10 | An authentication bypass weakness in the message broker service of Ivanti Workspace Control before version 2025.2 (10.19.0.0) allows a local authenticated atta… |
CVE-2025-22463 | High | 7.3 | 2025-06-10 | A hardcoded key in Ivanti Workspace Control before version 10.19.10.0 allows a local authenticated attacker to decrypt the stored environment password. |