High severity7.8NVD Advisory· Published May 12, 2026· Updated May 12, 2026
CVE-2026-8110
CVE-2026-8110
Description
Incorrect permissions assignment in the agent of Ivanti Endpoint Manager before version 2024 SU6 allows a local authenticated attacker to escalate their privileges.
Affected products
9cpe:2.3:a:ivanti:endpoint_manager:*:*:*:*:*:*:*:*+ 8 more
- cpe:2.3:a:ivanti:endpoint_manager:*:*:*:*:*:*:*:*range: <=2022
- cpe:2.3:a:ivanti:endpoint_manager:2024:-:*:*:*:*:*:*
- cpe:2.3:a:ivanti:endpoint_manager:2024:su1:*:*:*:*:*:*
- cpe:2.3:a:ivanti:endpoint_manager:2024:su2:*:*:*:*:*:*
- cpe:2.3:a:ivanti:endpoint_manager:2024:su3:*:*:*:*:*:*
- cpe:2.3:a:ivanti:endpoint_manager:2024:su3_security_release_1:*:*:*:*:*:*
- cpe:2.3:a:ivanti:endpoint_manager:2024:su4:*:*:*:*:*:*
- cpe:2.3:a:ivanti:endpoint_manager:2024:su4_security_release_1:*:*:*:*:*:*
- cpe:2.3:a:ivanti:endpoint_manager:2024:su5:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.