Posts tagged ‘Ivanti’

Research

Emerging Threat: Ivanti CVE-2025-22457

By Emma Zaballos ・ April 7, 2025

CVE-2025-22457 is a critical buffer overflow vulnerability (CVSS 9.0) in Ivanti Connect Secure, Policy Secure, and ZTA Gateways, enabling unauthenticated remote code execution via a crafted X-Forwarded-For header. It has been actively exploited by espionage group UNC5221 and is listed in CISA’s KEV catalog. Patches are available for most affected products, but legacy Pulse Connect Secure devices require migration, and customers are advised to monitor for signs of compromise.

Research

Emerging Threat: Ivanti Connect Secure CVE-2025-0282 and CVE-2025-0283

By Emma Zaballos ・ January 13, 2025

Ivanti disclosed two severe vulnerabilities affecting Ivanti Connect Secure VPN devices. While both vulnerabilities involve similar buffer overflow mechanisms, only one allows unauthenticated remote code execution (RCE) and has been exploited in the wild. CyCognito customers can check their assets to identify if any are potentially vulnerable to these issues using filters available in the CyCognito dashboard.

What Over 2 Million Assets Reveal About Industry Vulnerability Zohar Venturero July 15, 2025

And The Cloud Goes Wild: Looking at Vulnerabilities in Cloud Assets Emma Zaballos May 20, 2025

Faster Fixes: Solving the Security Testing Trade-off Jason Pappalexis May 19, 2025

Posts tagged ‘Ivanti’

Search the Blog

Emerging Threat: Ivanti CVE-2025-22457

Emerging Threat: Ivanti Connect Secure CVE-2025-0282 and CVE-2025-0283