📦

desktop_\&_server_management

Vendor: ivanti

Actively Exploited 0 CISA KEV List

PoC / Exploits 0 Code Available

Total RCEs 0 Remote Access

Total CVEs 8 Total Indexed

Avg. EPSS 0.47% Exploit Prob.

Latest CVE CVE-2026-3483 Mar 10

Security Vulnerability Index

Page 1 / 1

7.8 CVSS

CVE-2026-3483

An exposed dangerous method in Ivanti DSM before version 2026.1.1 allows a local authenticated attacker to escalate their privileges.

EPSS: 0.07%

Severity: HIGH

Mar 10, 2026

5.7 CVSS

CVE-2024-38648

A hardcoded secret in Ivanti DSM before 2024.2 allows an authenticated attacker on an adjacent network to decrypt sensitive data including user credentials.

EPSS: 0.07%

Severity: MEDIUM

Jul 12, 2025

7.1 CVSS

CVE-2024-7572

Insufficient permissions in Ivanti DSM before version 2024.3.5740 allows a local authenticated attacker to delete arbitrary files.

EPSS: 0.20%

Severity: HIGH

Dec 10, 2024

7.8 CVSS

CVE-2024-29821

Ivanti DSM < version 2024.2 allows authenticated users on the local machine to run code with elevated privileges due to insecure ACL via unspecified attack vector.

EPSS: 1.09%

Severity: HIGH

Oct 18, 2024

7.8 CVSS

CVE-2024-29213

Ivanti DSM < version 2024.2 allows authenticated users on the local machine to run code with elevated privileges due to insecure ACL via unspecified attack vector.

EPSS: 0.84%

Severity: HIGH

Oct 18, 2024

7.8 CVSS

CVE-2023-28129

DSM 2022.2 SU2 and all prior versions allows a local low privileged account to execute arbitrary OS commands as the DSM software installation user.

EPSS: 0.52%

Severity: HIGH

Aug 10, 2023

Displaying 6 of 8 Total Entries

Total 1 Sections