Ivanti DSM Privilege Escalation Risk: Local Authenticated Attackers

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

7.8

Ivanti DSM Privilege Escalation Risk: Local Authenticated Attackers

CVE-2026-3483

Summary

A security issue in older versions of Ivanti DSM allows an authenticated user on the same network to gain elevated access to the system. This could potentially allow them to make changes or access sensitive data they shouldn't be able to. Update to version 2026.1.1 or later to fix this issue.

What to do

No fix is available yet. Check with your software vendor for updates.

Affected software

Vendor	Product	Affected versions	Fix available
ivanti	desktop_\&_server_management	<= 2026.1.1	–

Original title

An exposed dangerous method in Ivanti DSM before version 2026.1.1 allows a local authenticated attacker to escalate their privileges.

Original description

An exposed dangerous method in Ivanti DSM before version 2026.1.1 allows a local authenticated attacker to escalate their privileges.

nvd CVSS3.1 7.8

Vulnerability type

CWE-749

https://hub.ivanti.com/s/article/Security-Advisory-Ivanti-DSM-CVE-2026-3483?lang...

Published: 10 Mar 2026 · Updated: 13 Mar 2026 · First seen: 11 Mar 2026