CVE-2026-7431

Published: Mag 12, 2026 Last Modified: Mag 12, 2026

ExploitDB:

Other exploit source:

Google Dorks:

MEDIUM 4,4

Source: 3c1d8aa1-5a33-4ea4-8992-aadd6440af75

Attack Vector: local

Attack Complexity: low

Privileges Required: low

User Interaction: none

Scope: unchanged

Confidentiality: low

Integrity: low

Availability: none

Description

AI Translation Available

An incorrect permission assignment for critical resource of Ivanti Secure Access Client before 22.8R6 allows a local authenticated user to read or modify sensitive log data via write access to a shared memory section.

732

Incorrect Permission Assignment for Critical Resource

Draft

Abstraction: Class Structure: Simple

Common Consequences

Security Scopes Affected:

Confidentiality Access Control Integrity Other

Potential Impacts:

Read Application Data Read Files Or Directories Gain Privileges Or Assume Identity Modify Application Data Other

Applicable Platforms

Technologies: Cloud Computing, Not Technology-Specific

Likelihood of Exploit: High

View CWE Details

https://hub.ivanti.com/s/article/May-2026-Security-Advisory…

https://hub.ivanti.com/s/article/May-2026-Security-Advisory-Ivanti-Secure-Acces…

CVE-2026-7431

Description

Incorrect Permission Assignment for Critical Resource

Common Consequences

Applicable Platforms

Iscriviti alla newsletter