CVE-2024-21888

ENISA EUVD: EUVD-2024-19499 ↗

✓ Confirmed 0-Day

Triaged: March 5, 2026 5 articles Published: 2024-01-31

VulnLookup ↗ NVD ↗ EUVD ↗ MITRE ↗

EPSS Score

Source: FIRST.org · 2026-05-24

61.26%

probability

This CVE has a 61.26% probability of being exploited in the next 30 days.

0% Top 98.3th percentile of all CVEs 100%

CVSS v3.0

Source: VulnerabilityLookup (CIRCL)

8.8

HIGH

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Description

VulnerabilityLookup (CNA)

A privilege escalation vulnerability in web component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows a user to elevate privileges to that of an administrator.

Affected Products

Ivanti

ICS

9.1R18 22.6R2

Ivanti

IPS

9.1R18 22.6R1

Attack Intelligence

CWE-269 · Improper Privilege Management CWE-284 · Improper Access Control

https://forums.ivanti.com/s/article/CVE-2024-21888-Privilege-Escalation-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure?language=en_US

Signal Intelligence

Confidenceⓘ

92%

EPSS 61.26%

CVSS v3.0 8.8

Mentions 5

Last Seen Feb 09, 2024

CNA Information

CNA Assigner

hackerone

Analyst Note

CVE-2024-21888 is explicitly named as a zero-day exploited in attacks in the BleepingComputer article from January 2024. The CVE was published on 2024-01-31 and Ivanti's warning of active exploitation was concurrent with disclosure, meeting the zero-day criteria of exploitation before or simultaneous with patch availability.

Threat Actors 4

UTA0178

apt_group Information theft and espionage 🇨🇳 CN

APT 22

apt_group Information theft and espionage 🇨🇳 CN

APT 6

apt_group Information theft and espionage 🇨🇳 CN

APT 5

apt_group Information theft and espionage 🇨🇳 CN

Triage Info

Decided atMar 05, 2026

Published DateJan 31, 2024