CRITICAL🚩 CISA KEV⚡ EXPLOIT✓ PATCH🇵🇱 Wersja polska

CVE-2025-0282

CVSS 9.0v3.1pub. 2025-01-08upd. 2025-10-24

A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2, and Ivanti Neurons for ZTA gateways before version 22.7R2.3 allows a remote unauthenticated attacker to achieve remote code execution.

CVSS Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
  • Ivanti Connect Secure

    APP
    Ivanti
    22.7
  • Ivanti Neurons For Zero Trust Access

    APP
    Ivanti
    22.7
  • Ivanti Policy Secure

    APP
    Ivanti
    22.7

CISA KEV — detailsi

Vendori
Ivanti
Producti
Connect Secure, Policy Secure, and ZTA Gateways
Added to KEVi
January 8, 2025
Remediation deadline (US Federal)i
January 15, 2025(overdue)
Ransomwarei
Active ransomware campaigns exploit this vulnerability
Required action (CISA)i

Apply mitigations as set forth in the CISA instructions linked below to include conducting hunt activities, taking remediation actions if applicable, and applying updates prior to returning a device to service.

CISA descriptioni

Ivanti Connect Secure, Policy Secure, and ZTA Gateways contain a stack-based buffer overflow which can lead to unauthenticated remote code execution.

🔴
IMMEDIATE ACTION
Actively exploited in the wild (CISA KEV). Patch immediately.
☠️WYKORZYSTYWANE W RANSOMWARECISA DEADLINE: 15 stycznia 2025
Tags
RCEAuth BypassMemory
CWE
References

Related vulnerabilities

CVE-2025-22457CRITICAL9.0⚠ KEVPL ✓ten sam produkt

Stack-based buffer overflow w Ivanti Connect Secure, Policy Secure i ZTA Gateways umożliwiający RCE

CVE-2024-21887CRITICAL9.1⚠ KEVPL ✓ten sam produkt

Command injection w Ivanti Connect Secure i Policy Secure — RCE jako administrator

CVE-2021-22893CRITICAL10.0⚠ KEVten sam produkt

Pulse Connect Secure 9.0R3/9.1R1 and higher is vulnerable to an authentication bypass vulnerability exposed by...

CVE-2019-11510CRITICAL10.0⚠ KEVten sam produkt

In Pulse Secure Pulse Connect Secure (PCS) 8.2 before 8.2R12.1, 8.3 before 8.3R7.1, and 9.0 before 9.0R3.4, an...

CVE-2024-10644CRITICAL9.1PL ✓ten sam produkt

Code injection w Ivanti Connect Secure i Policy Secure — RCE