CVE-2026-3483 PUBLISHED

Assigner: ivanti
Reserved: 03.03.2026 Published: 10.03.2026 Updated: 10.03.2026

An exposed dangerous method in Ivanti DSM before version 2026.1.1 allows a local authenticated attacker to escalate their privileges.

Metrics

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVSS Score: 7.8

Product Status

Vendor Ivanti
Product Desktop and Server Management
Versions Default: affected
  • Version 2026.1.1 is unaffected

References

Problem Types

  • CWE-749 Exposed dangerous method or function CWE

Impacts

  • CAPEC-500 WebView Injection