9 January 2025

Ivanti warns of zero-day exploits targeting critical Connect Secure flaw


Ivanti warns of zero-day exploits targeting critical Connect Secure flaw

Ivanti has issued a warning about active zero-day attacks exploiting a critical vulnerability (CVE-2025-0282) in its Connect Secure appliances, allowing threat actors to install malware and potentially compromise systems.

The company discovered the attacks after its Ivanti Integrity Checker Tool (ICT) detected malicious activity on several customers’ appliances.

Following an internal investigation, Ivanti confirmed that CVE-2025-0282, a stack-based buffer overflow vulnerability, was being actively exploited in the wild. The vulnerability affects Ivanti Connect Secure (versions before 22.7R2.5), Ivanti Policy Secure (versions before 22.7R1.2), Ivanti Neurons for ZTA gateways (versions before 22.7R2.3).

The flaw allows unauthenticated attackers to execute arbitrary code remotely on vulnerable devices. While the vulnerability impacts all three products, Ivanti has only observed exploitation on Connect Secure appliances so far.

Ivanti said it is not aware of the issue being exploited in Ivanti Policy Secure or Neurons for ZTA gateways.

Ivanti has released firmware version 22.7R2.5, which resolves the issue. However, patches for the other impacted products—Policy Secure and Neurons for ZTA gateways—are expected to be available by January 21, 2025.

Back to the list

Latest Posts

Cybersecurity Week in Review: January 24, 2025

Cybersecurity Week in Review: January 24, 2025

In brief: SonicWall SMA zero-day exploited in attacks, hackers are exploiting older Ivanti flaws, and more.
24 January 2025
AIRASHI DDoS botnet exploits a zero-day vulnerability in cnPilot routers

AIRASHI DDoS botnet exploits a zero-day vulnerability in cnPilot routers

The attacks have been active since June 2024.
23 January 2025
SonicWall SMA zero-day exploited in attacks

SonicWall SMA zero-day exploited in attacks

SonicWall has released a patch in version 12.4.3-02854 and higher versions to address the issue.
23 January 2025