ByteOS Network

NVD Vulnerability Details :

CVE-2026-7431

Analyzed

Source-3c1d8aa1-5a33-4ea4-8992-aadd6440af75

Published At-12 May, 2026 | 15:16

Updated At-12 May, 2026 | 19:53

An incorrect permission assignment for critical resource of Ivanti Secure Access Client before 22.8R6 allows a local authenticated user to read or modify sensitive log data via write access to a shared memory section.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Secondary	3.1	4.4	MEDIUM	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

Type: Secondary

Version: 3.1

Base score: 4.4

Base severity: MEDIUM

Vector:

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

CPE Matches

Weaknesses

CWE ID	Type	Source
CWE-732	Primary	3c1d8aa1-5a33-4ea4-8992-aadd6440af75

CWE ID: CWE-732

Type: Primary

Source: 3c1d8aa1-5a33-4ea4-8992-aadd6440af75

References

Hyperlink	Source	Resource
https://hub.ivanti.com/s/article/May-2026-Security-Advisory-Ivanti-Secure-Access-Client-CVE-2026-7431-CVE-2026-7432?language=en_US	3c1d8aa1-5a33-4ea4-8992-aadd6440af75	Vendor Advisory

Hyperlink: https://hub.ivanti.com/s/article/May-2026-Security-Advisory-Ivanti-Secure-Access-Client-CVE-2026-7431-CVE-2026-7432?language=en_US

Source: 3c1d8aa1-5a33-4ea4-8992-aadd6440af75

Resource:

Vendor Advisory

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History