Ivanti Products Multiple Vulnerabilities

Release Date: 9 Jan 2025 1636 Views

RISK: Extremely High Risk

Extremely High Risk

TYPE: Operating Systems - Networks OS

TYPE: Networks OS

Multiple vulnerabilities have been identified in Ivanti Products. A remote attacker could exploit these vulnerabilities to trigger remote code execution and elevation of privilege on the targeted system.

 

Notes:

CVE-2025-0282 is being exploited in the wild. The vulnerability can lead to remote code execution on targeted device.

Impact

  • Remote Code Execution
  • Elevation of Privilege

System / Technologies affected

CVE-2025-0282:

 

  • Ivanti Connect Secure (ICS) versions 22.7R2 through 22.7R2.4
  • Ivanti Policy Secure (IPS) versions 22.7R1 through 22.7R1.2
  • Ivanti Neurons for ZTA gateways 22.7R2 through 22.7R2.3 

 

CVE-2025-0283:

 

  • Ivanti Connect Secure (ICS) versions 22.7R2.4 and prior, 9.1R18.9 and prior 
  • Ivanti Policy Secure (IPS) versions 22.7R1.2 and prior
  • Ivanti Neurons for ZTA gateways versions 22.7R2.3 and prior

Solutions

Before installation of the software, please visit the vendor web-site for more details.

 

Apply fixes issued by the vendor:

Vulnerability Identifier

Source

Related Link

Related Tags

IvantiRemote Code ExecutionElevation of PrivilegeExploit In The Wild

Share with

Previous

SonicWall Products Multiple Vulnerabilities

9 Jan 2025 1308 Views

Next

RedHat Linux Kernel Multiple Vulnerabilities

10 Jan 2025 1238 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY