Ivanti Workspace Control Vulnerability Lets Attackers Remotely Exploit to Steal Credentials
Ivanti has released a critical security update for its Workspace Control software, patching three high-severity vulnerabilities that could allow attackers to compromise sensitive credentials.
The vulnerabilities, identified as CVE-2025-5353, CVE-2025-22463, and CVE-2025-22455, affect versions of Ivanti Workspace Control prior to 10.19.10.0.
| CVE Number | Description | CVSS Score (Severity) |
|---|---|---|
| CVE-2025-5353 | A hardcoded key in Ivanti Workspace Control before version 10.19.10.0 allows a local authenticated attacker to decrypt stored SQL credentials. | 8.8 (High) |
| CVE-2025-22463 | A hardcoded key in Ivanti Workspace Control before version 10.19.10.0 allows a local authenticated attacker to decrypt the stored environment password. | 7.3 (High) |
| CVE-2025-22455 | A hardcoded key in Ivanti Workspace Control before version 10.19.0.0 allows a local authenticated attacker to decrypt stored SQL credentials. | 8.8 (High) |
Ivanti urges customers to upgrade immediately to version 10.19.10.0 or migrate to the new Workspace Control 2025.2 architecture to mitigate risks.
The vulnerabilities stem from hardcoded cryptographic keys, enabling local authenticated attackers to decrypt stored SQL credentials and environment passwords.
With CVSS scores ranging from 7.3 to 8.8, successful exploitation could lead to severe consequences, including unauthorized access to critical systems.
The flaws are classified under CWE-321 (Use of Hard-Coded Cryptographic Key) and require low privileges and no user interaction, making them particularly concerning.
Ivanti reports no known exploitation of these vulnerabilities at the time of disclosure, which was handled through the company’s responsible disclosure program.
“We are not aware of any customers being impacted prior to this announcement,” Ivanti stated.
However, the absence of public indicators of compromise underscores the need for proactive action.
Affected Versions and Fix
All versions of Ivanti Workspace Control up to 10.19.0.0 are vulnerable. The resolved version, 10.19.10.0, is available for download, and Ivanti has introduced a redesigned architecture in Workspace Control 2025.2 to address these issues.
Customers upgrading to the new architecture must ensure the TLS certificate for the ShieldAPI is trusted by importing it into the Trusted Root Certificate Authorities on relevant machines.
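For triaging a fleet against the per-CVE version thresholds in the table above, the following is an added example, not Ivanti's code or tooling. The host names and inventory versions are constructed sample data, and the thresholds are taken from the "before version" wording in the table.

```python
# Added example: thresholds come from the CVE table on this page;
# the inventory rows below are constructed sample data.
import re

# CVE -> first version in which it is fixed ("before version X" in the table)
FIXED_IN = {
    "CVE-2025-5353": (10, 19, 10, 0),
    "CVE-2025-22463": (10, 19, 10, 0),
    "CVE-2025-22455": (10, 19, 0, 0),
}

def parse_version(text):
    """Turn '10.19.0.0' into (10, 19, 0, 0); reject anything else."""
    text = text.strip()
    if not re.fullmatch(r"\d+(\.\d+){1,3}", text):
        raise ValueError(f"unparseable version: {text!r}")
    parts = [int(p) for p in text.split(".")]
    return tuple(parts + [0] * (4 - len(parts)))  # pad '10.19' to 10.19.0.0

def open_cves(version_text):
    """Return the sorted CVE ids that still apply to this version."""
    v = parse_version(version_text)
    return sorted(cve for cve, fixed in FIXED_IN.items() if v < fixed)

def triage(inventory):
    """Map host -> list of open CVEs, or 'UNKNOWN' if the version is unreadable."""
    report = {}
    for host, version_text in inventory.items():
        try:
            report[host] = open_cves(version_text)
        except ValueError:
            report[host] = "UNKNOWN"  # needs a manual check; never assume patched
    return report

# Constructed sample inventory (hypothetical host names and versions)
SAMPLE = {
    "ws-app-01": "10.18.40.0",
    "ws-app-02": "10.19.0.0",
    "ws-app-03": "10.19.9.0",  # a string compare would rank this above 10.19.10.0
    "ws-app-04": "10.19.10.0",
    "ws-app-05": "unknown",
}

if __name__ == "__main__":
    for host, result in triage(SAMPLE).items():
        print(host, result or "patched")
```

Comparing versions as integer tuples matters here because a plain string comparison sorts 10.19.9.0 after 10.19.10.0 and would report an unpatched host as fixed.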
End-of-Life and Alternatives
Ivanti has also reminded users that Workspace Control is set to reach end-of-life on December 31, 2026.
Customers hesitant to adopt the new architecture due to this timeline can transition to Ivanti User Workspace Manager as an alternative.
What Customers Should Do
Ivanti advises immediate application of the update or migration to the new architecture.
For assistance, customers can log a case or request support via the Ivanti Success Portal. While no active exploitation has been reported, the high severity of these vulnerabilities warrants urgent action to protect organizational systems.