CVE-2023-38543: 
Ivanti Secure Access Client vulnerability analysis and mitigation

A vulnerability exists in all versions of the Ivanti Secure Access Client (formerly Pulse Secure Desktop Client) below 22.6R1.1, which could allow a locally authenticated attacker to exploit a vulnerable configuration, potentially leading to a denial of service (DoS) condition on the user machine (NVD, Ivanti Blog).

The vulnerability exists inside one of the kernel drivers included in the software package named jnprva.sys. Several IOCTL handlers (for example 0x80002018) inside the driver perform pointer dereferences on improperly validated input data. The vulnerability has been present since at least 2018 and has received a CVSS v3.1 base score of 7.8 (HIGH) with the vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H (Northwave, NVD).

When exploited, this vulnerability can lead to a denial of service condition on the local system, potentially causing a blue screen. The vulnerability affects the system's stability and availability (Northwave).

The vulnerability has been patched in Ivanti Secure Access Client version 22.6R1.1. Users are encouraged to upgrade to this version or later to remediate the vulnerability (Ivanti Blog).

The vulnerability was discovered and responsibly disclosed by Alex Oudenaarden and Tijme Gommers of Northwave Cybersecurity. The disclosure process began on March 16, 2023, with the initial notice to DIVD, and the patch was finally released on November 9, 2023 (Northwave).