Insufficient permissions in Ivanti Secure Access Client before version 22.8R1 allows a local authenticated attacker to delete arbitrary files.

Insufficient permissions in Ivanti Patch SDK before version 9.7.703 allows a local authenticated attacker to delete arbitrary files.

Insecure permissions in Ivanti EPMM before 12.1.0.4 allow a local authenticated attacker to modify sensitive application components.

Incorrect file permissions in Ivanti Connect Secure before version 22.6R2 (Not Applicable to 9.1Rx) and Ivanti Policy Secure before version 22.7R1 (Not Applicable to 9.1Rx) allow a local authenticated attacker to escalate their privileges.

Insufficiently restrictive permissions in Ivanti Secure Access Client before 22.7R4 allows a local authenticated attacker to escalate their privileges.

Incorrect permissions in Ivanti Secure Access Client before version 22.7R4 allows a local authenticated attacker to create arbitrary folders.

Insecure permissions in Ivanti Sentry before versions 9.20.2 and 10.0.2 or 10.1.0 allow a local authenticated attacker to modify sensitive application components.

Insufficient permissions in Ivanti DSM before version 2024.3.5740 allows a local authenticated attacker to delete arbitrary files.