VYPR
High severity7.8NVD Advisory· Published May 12, 2026· Updated May 12, 2026

CVE-2026-8110

CVE-2026-8110

Description

Incorrect permissions assignment in the agent of Ivanti Endpoint Manager before version 2024 SU6 allows a local authenticated attacker to escalate their privileges.

Affected products

9
  • cpe:2.3:a:ivanti:endpoint_manager:*:*:*:*:*:*:*:*+ 8 more
    • cpe:2.3:a:ivanti:endpoint_manager:*:*:*:*:*:*:*:*range: <=2022
    • cpe:2.3:a:ivanti:endpoint_manager:2024:-:*:*:*:*:*:*
    • cpe:2.3:a:ivanti:endpoint_manager:2024:su1:*:*:*:*:*:*
    • cpe:2.3:a:ivanti:endpoint_manager:2024:su2:*:*:*:*:*:*
    • cpe:2.3:a:ivanti:endpoint_manager:2024:su3:*:*:*:*:*:*
    • cpe:2.3:a:ivanti:endpoint_manager:2024:su3_security_release_1:*:*:*:*:*:*
    • cpe:2.3:a:ivanti:endpoint_manager:2024:su4:*:*:*:*:*:*
    • cpe:2.3:a:ivanti:endpoint_manager:2024:su4_security_release_1:*:*:*:*:*:*
    • cpe:2.3:a:ivanti:endpoint_manager:2024:su5:*:*:*:*:*:*

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.