CVE-2024-39709
Incorrect file permissions in Ivanti Connect Secure before version 22.6R2 (Not Applicable to 9.1Rx) and Ivanti Policy Secure before version 22.7R1 (Not Applicable to 9.1Rx) allow a local authenticated attacker to escalate their privileges.
| Software | From | Fixed in |
|---|---|---|
| ivanti / connect_secure | - | 9.1 |
| ivanti / connect_secure | 22.6 | 22.6.x |
| ivanti / connect_secure | 22.6-r1 | 22.6-r1.x |
| ivanti / policy_secure | 9.1 | 9.1.x |
| ivanti / connect_secure | 9.1 | 9.1.x |
| ivanti / policy_secure | 22.7 | 22.7.x |
| ivanti / connect_secure | 21.9 | 22.6 |
| ivanti / policy_secure | - | 9.1 |
| ivanti / policy_secure | 22.1 | 22.7 |
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime