CVE-2023-35080: 
Ivanti Secure Access Client vulnerability analysis and mitigation

A vulnerability (CVE-2023-35080) has been identified in the Ivanti Secure Access Windows client, affecting all Windows versions below 22.6R1.1. The vulnerability was discovered and responsibly disclosed by Alex Oudenaarden and Tijme Gommers of Northwave Cybersecurity. The issue was first recorded on June 13, 2023, and publicly disclosed in November 2023 (NVD, Ivanti Blog).

The vulnerability received a CVSS v3.1 base score of 7.8 (High) with the vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H, indicating local access requirements with low attack complexity and privilege requirements. The vulnerability is associated with CWE-276 (Incorrect Default Permissions) according to CISA-ADP's assessment (NVD).

The vulnerability could allow a locally authenticated attacker to exploit a vulnerable configuration, potentially leading to various security risks, including the escalation of privileges, denial of service, or information disclosure. The high CVSS score indicates significant potential impact across confidentiality, integrity, and availability (NVD, Ivanti Blog).

Ivanti has released patches to address this vulnerability. Users are advised to upgrade to version 22.6R1.1 or later of the Ivanti Secure Access Client. The vendor encourages customers to apply the available remediation steps immediately (Ivanti Blog).