Cyber Posture

CVE-2024-10630

High

Published: 14 January 2025

Modified: 11 July 2025
KEV Added
Patch
CVSS Score: 7.8 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0006 (17.1th percentile)
Risk Priority: 16 (60% EPSS · 20% KEV · 20% CVSS)

Description

A race condition in Ivanti Application Control Engine before version 10.14.4.0 allows a local authenticated attacker to bypass the application blocking functionality.

Security Summary

CVE-2024-10630 is a race condition vulnerability, classified under CWE-366, affecting Ivanti Application Control Engine in versions prior to 10.14.4.0. This flaw enables a local authenticated attacker to bypass the application blocking functionality, undermining endpoint security controls designed to restrict unauthorized software execution. The vulnerability carries a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), reflecting high potential impacts on confidentiality, integrity, and availability within the local scope.

A low-privileged local authenticated user can exploit this race condition by timing operations to evade blocking mechanisms, allowing execution of restricted or malicious applications. Successful exploitation grants the attacker high-level access to system resources, potentially leading to unauthorized data access, modification, or disruption without requiring user interaction.

Ivanti has issued a security advisory detailing the vulnerability at https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Application-Control-Engine-CVE-2024-10630, which recommends upgrading to version 10.14.4.0 or later to mitigate the issue.

Details

CWE(s): CWE-366

Affected Products

ivanti application control: 2023.3, 2024.1, 2024.3 · ≤ 2023.3 · ≤ 2023.3
ivanti security controls: ≤ 2024.4.1

References