CVE-2026-7432

Published: Mag 12, 2026 Last Modified: Mag 12, 2026

ExploitDB:

Other exploit source:

Google Dorks:

HIGH 7,8

Source: 3c1d8aa1-5a33-4ea4-8992-aadd6440af75

Attack Vector: local

Attack Complexity: low

Privileges Required: low

User Interaction: none

Scope: unchanged

Confidentiality: high

Integrity: high

Availability: high

Description

AI Translation Available

A race condition in Ivanti Secure Access Client before 22.8R6 allows a locally authenticated user to escalate privileges to SYSTEM

362

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Draft

Abstraction: Class Structure: Simple

Common Consequences

Security Scopes Affected:

Availability Confidentiality Integrity Access Control

Potential Impacts:

Dos: Resource Consumption (Cpu) Dos: Resource Consumption (Memory) Dos: Resource Consumption (Other) Dos: Crash, Exit, Or Restart Dos: Instability Read Files Or Directories Read Application Data Execute Unauthorized Code Or Commands Gain Privileges Or Assume Identity Bypass Protection Mechanism

Applicable Platforms

Languages: C, C++, Java

Technologies: ICS/OT, Mobile

Likelihood of Exploit: Medium

View CWE Details

https://hub.ivanti.com/s/article/May-2026-Security-Advisory…

https://hub.ivanti.com/s/article/May-2026-Security-Advisory-Ivanti-Secure-Acces…

CVE-2026-7432

Description

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Common Consequences

Applicable Platforms

Iscriviti alla newsletter