CVE-2026-8992
CVE-2026-8992
8.8
HighPublished:
Last updated:
Source:3c1d8aa1-5a33-4ea4-8992-aadd6440af75
Analyzed
Weakness (CWE)
CVSS Vector
v3.1- Attack Vector
- Network
- Attack Complexity
- Low
- Privileges Required
- None
- User Interaction
- Required
- Scope
- Unchanged
- Confidentiality
- High
- Integrity
- High
- Availability
- High
Description
An improper certificate validation vulnerability in Ivanti Secure Access Client before 22.8R6 allows a remote unauthenticated attacker to execute arbitrary code.
References
3c1d8aa1-5a33-4ea4-8992-aadd6440af75
https://hub.ivanti.com/s/article/May-2026-Security-Advisory-Ivanti-Secure-Access-Client-CVE-2026-7431-CVE-2026-7432?language=en_US