An incorrect permission assignment for critical resource of Ivanti Secure Access Client before 22.8R6 allows a local authenticated user to read or modify sensitive log data via write access to a shared memory section.
References
Configurations
Configuration 1 (hide)
| AND |
|
History
12 May 2026, 19:53
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://hub.ivanti.com/s/article/May-2026-Security-Advisory-Ivanti-Secure-Access-Client-CVE-2026-7431-CVE-2026-7432?language=en_US - Vendor Advisory | |
| First Time |
Microsoft
Ivanti Microsoft windows Ivanti secure Access Client |
|
| CPE | cpe:2.3:a:ivanti:secure_access_client:22.8:r1:*:*:*:*:*:* cpe:2.3:a:ivanti:secure_access_client:*:*:*:*:*:*:*:* cpe:2.3:a:ivanti:secure_access_client:22.8:r5:*:*:*:*:*:* cpe:2.3:a:ivanti:secure_access_client:22.8:r4:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* cpe:2.3:a:ivanti:secure_access_client:22.8:-:*:*:*:*:*:* cpe:2.3:a:ivanti:secure_access_client:22.8:r3:*:*:*:*:*:* cpe:2.3:a:ivanti:secure_access_client:22.8:r2:*:*:*:*:*:* |
12 May 2026, 15:16
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2026-05-12 15:16
Updated : 2026-05-12 19:53
NVD link : CVE-2026-7431
Mitre link : CVE-2026-7431
CVE.ORG link : CVE-2026-7431
JSON object : View
Products Affected
microsoft
- windows
ivanti
- secure_access_client
CWE
CWE-732
Incorrect Permission Assignment for Critical Resource