CVE ID
CVE-2025-0282
Vulnerability Name
Ivanti Connect Secure, Policy Secure, and ZTA Gateways Stack-Based Buffer Overflow Vulnerability
- Project: Ivanti
- Product: Connect Secure, Policy Secure, and ZTA Gateways
Date
- Date Added: 2025-01-08
- Due Date: 2025-01-15
Description
Ivanti Connect Secure, Policy Secure, and ZTA Gateways contain a stack-based buffer overflow which can lead to unauthenticated remote code execution.
Known To Be Used in Ransomware Campaigns?
Known
Action
Apply mitigations as set forth in the CISA instructions linked below to include conducting hunt activities, taking remediation actions if applicable, and applying updates prior to returning a device to service.
Additional Notes
CISA Mitigation Instructions: https://www.cisa.gov/cisa-mitigation-instructions-CVE-2025-0282 Additional References: https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-Policy-Secure-ZTA-Gateways-CVE-2025-0282-CVE-2025-0283 ; https://nvd.nist.gov/vuln/detail/CVE-2025-0282
Related Security News
- Ivanti Zero-Days Exploited to Drop MDifyLoader and Launch In-Memory Cobalt Strike Attacks
- DslogdRAT Malware Deployed via Ivanti ICS Zero-Day CVE-2025-0282 in Japan Attacks
- Chinese Hackers Target Linux Systems Using SNOWLIGHT Malware and VShell Tool
- Ivanti VPN customers targeted via unrecognized RCE vulnerability (CVE-2025-22457)
- Ivanti patches Connect Secure zero-day exploited since mid-March
- RESURGE Malware Exploits Ivanti Flaw with Rootkit and Web Shell Features
- UK domain registry Nominet confirms breach via Ivanti zero-day
- Threat Actors Exploit a Critical Ivanti RCE Bug, Again
- Ivanti zero-day attacks infected devices with custom malware
- Google: Chinese hackers likely behind Ivanti VPN zero-day attacks
Top comments (0)