Detections
Analytics
CVE-2025-0282
critical
Description
A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2, and Ivanti Neurons for ZTA gateways before version 22.7R2.3 allows a remote unauthenticated attacker to achieve remote code execution.
From the Tenable Blog
CVE-2025-0282: Ivanti Connect Secure Zero-Day Vulnerability Exploited In The Wild
Published: 2025-01-08
Ivanti disclosed two vulnerabilities in its Connect Secure, Policy Secure and Neurons for ZTA gateway devices, including one flaw that was exploited in the wild as a zero-day.
References
https://cyberscoop.com/silk-typhoon-targets-it-services/
https://www.theregister.com/2025/03/05/china_silk_typhoon_update/
https://www.microsoft.com/en-us/security/blog/2025/03/05/silk-typhoon-targeting-it-supply-chain/
https://www.infosecurity-magazine.com/news/silk-typhoon-exploits-common/
https://www.darkreading.com/remote-workforce/china-silk-typhoon-it-supply-chain-attacks
https://thehackernews.com/2025/03/china-linked-silk-typhoon-expands-cyber.html
https://thehackernews.com/2025/02/ivanti-patches-critical-flaws-in.html
https://unit42.paloaltonetworks.com/threat-brief-ivanti-cve-2025-0282-cve-2025-0283/
https://www.darkreading.com/vulnerabilities-threats/critical-ivanti-rce-bug
https://www.securityweek.com/exploitation-of-new-ivanti-vpn-zero-day-linked-to-chinese-cyberspies/
https://therecord.media/china-espionage-ivanti-vulnerabilities-mandiant
https://www.securityweek.com/ivanti-warns-of-new-zero-day-attacks-hitting-connect-secure-product/
https://therecord.media/ivanti-warns-of-hackers-exploiting-new-vulnerability
https://cloud.google.com/blog/topics/threat-intelligence/ivanti-connect-secure-vpn-zero-day
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2025-0282
https://www.cisa.gov/cisa-mitigation-instructions-cve-2025-0282