CVE Catalog

CVE-2026-8992

High
Published: Translated: NVD NIST

Summary

An improper certificate validation vulnerability in Ivanti Secure Access Client before 22.8R6 allows a remote unauthenticated attacker to execute arbitrary code.

Risk Assessment

This vulnerability poses a significant risk to organizations by allowing attackers to remotely take control of the system without authentication.

Recommendation

It is recommended to update Ivanti Secure Access Client to version 22.8R6 or later to mitigate this vulnerability.

Original NVD description (English source)

An improper certificate validation vulnerability in Ivanti Secure Access Client before 22.8R6 allows a remote unauthenticated attacker to execute arbitrary code.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS