CVE-2024-13813
Published: 11 February 2025
Summary
CVE-2024-13813 is a high-severity Incorrect Permission Assignment for Critical Resource (CWE-732) vulnerability in Ivanti Secure Access Client. Its CVSS base score is 7.1 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Data Destruction (T1485); ranked at the 45.6th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 AC-25 (Reference Monitor) and AC-3 (Access Enforcement).
Deeper analysis
CVE-2024-13813 is an insufficient permissions vulnerability (CWE-732) affecting Ivanti Secure Access Client in versions before 22.8R1. The issue stems from inadequate access controls that enable unauthorized file operations. It carries a CVSS v3.1 base score of 7.1 (AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H) and was published on 2025-02-11.
A local authenticated attacker with low privileges can exploit this vulnerability with low attack complexity and no user interaction. Exploitation allows deletion of arbitrary files on the system, resulting in high integrity and availability impacts, such as data loss or service disruption, though confidentiality remains unaffected.
Ivanti's February Security Advisory covers this CVE alongside others in Ivanti Connect Secure, Policy Secure, and Secure Access Client, recommending an upgrade to version 22.8R1 or later to mitigate the issue. Full details are available at https://forums.ivanti.com/s/article/February-Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-and-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-51752
Vulnerability details
Insufficient permissions in Ivanti Secure Access Client before version 22.8R1 allows a local authenticated attacker to delete arbitrary files.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Arbitrary file deletion by low-priv local attacker directly enables data destruction (T1485) with high integrity/availability impact.
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Enforces least privilege principle to restrict low-privilege local users from deleting arbitrary files beyond their authorized scope.
Requires the system to enforce approved authorizations, directly mitigating insufficient permissions that allow unauthorized file deletions.
Implements a tamper-proof reference monitor to mediate and enforce all access control decisions for file operations, preventing exploitation of permission flaws.