First published: Tue Nov 14 2023(Updated: )
When a particular process flow is initiated, an attacker may be able to gain unauthorized elevated privileges on the affected system when having control over a specific file.
|Affected Software||Affected Version||How to fix|
|Ivanti Secure Access Client||=22.2-r1|
|Ivanti Secure Access Client||=22.3-r1|
|Ivanti Secure Access Client||=22.3-r2|
|Ivanti Secure Access Client||=22.3-r3|
The vulnerability ID for this vulnerability is CVE-2023-41718.
The severity of CVE-2023-41718 is high with a CVSS score of 7.8.
Ivanti Secure Access Client versions 22.2-r1, 22.3-r1, 22.3-r2, and 22.3-r3 are affected by CVE-2023-41718.
An attacker can exploit CVE-2023-41718 by gaining control over a specific file during the initiation of a particular process flow.
No, Microsoft Windows is not affected by CVE-2023-41718.
You can find more information about CVE-2023-41718 [here](https://forums.ivanti.com/s/article/Security-fixes-included-in-the-latest-Ivanti-Secure-Access-Client-Release).