CVE-2025-0282

CRITICAL CISA KEV EPSS 100.0%

Published Jan 8, 20251y ago · Modified Jun 17, 20261w ago

9.0 CVSS 3.1

Critical

Find Similar

Published Jan 8, 2025 1y ago

Last Modified Jun 17, 2026 1w ago

KEV Listed Jan 8, 2025 1y ago

KEV Due Jan 15, 2025 530d overdue

Description

A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2, and Ivanti Neurons for ZTA gateways before version 22.7R2.3 allows a remote unauthenticated attacker to achieve remote code execution.

CVSS Details

Base Score

9.0

Exploitability

2.2

Impact

6.0

Vector string

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

Attack Vector Network

Attack Complexity High

Privileges Required None

User Interaction None

Scope Changed

Confidentiality High

Integrity High

Availability High

Threat Intelligence

CISA Known Exploited Overdue 530d

Added: Jan 8, 2025
Due: Jan 15, 2025

Apply mitigations as set forth in the CISA instructions linked below to include conducting hunt activities, taking remediation actions if applicable, and applying updates prior to returning a device to service.

EPSS Exploit Probability

100.0% percentile

Exploit & Patch Status

Actively Exploited (KEV)

No Patch Available

Weaknesses 2

CWE-121

CWE-787 Out-of-bounds Write Memory Safety

Affected Products 11

Vendor	Product	Version	Range
ivanti	connect_secure	22.7	any
ivanti	connect_secure	22.7	any
ivanti	connect_secure	22.7	any
ivanti	connect_secure	22.7	any
ivanti	connect_secure	22.7	any
ivanti	neurons_for_zero-trust_access	22.7	any
ivanti	neurons_for_zero-trust_access	22.7	any
ivanti	neurons_for_zero-trust_access	22.7	any
ivanti	policy_secure	22.7	any
ivanti	policy_secure	22.7	any
ivanti	policy_secure	22.7	any

References 7

cloud.google.com https://cloud.google.com/blog/topics/threat-intelligence/ivanti-connect-secure-vpn-zero-day

ExploitTechnical Description
forums.ivanti.com https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-Policy-Secure-ZTA-Gateways-CVE-2025-0282-CVE-2025-0283

Vendor Advisory
github.com https://github.com/sfewer-r7/CVE-2025-0282

Exploit
labs.watchtowr.com https://labs.watchtowr.com/exploitation-walkthrough-and-techniques-ivanti-connect-secure-rce-cve-2025-0282/

ExploitThird Party Advisory
cisa.gov https://www.cisa.gov/cisa-mitigation-instructions-cve-2025-0282

Third Party AdvisoryUS Government Resource
cisa.gov https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-0282

US Government Resource
cisa.gov https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2025-0282

US Government Resource

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.