1.0 Introduction
Recently, Ivanti released security updates to address one actively exploited Zero-day critical and one high severity vulnerability in Ivanti Connect Secure, Policy Secure and ZTA Gateways.
2.0 Impact
A cyber threat actor could exploit some of these vulnerabilities allows unauthenticated remote code execution and enables local privilege escalation.
3.0 Affected Products
CVE-2025-0282: Stack-Based Buffer Overflow
- Ivanti Connect Secure versions 22.7R2 to 22.7R2.4
- Ivanti Policy Secure versions 22.7R1 to 22.7R1.2
- Ivanti Neurons for ZTA Gateways versions 22.7R2 to 22.7R2.3
CVE-2025-0283: Stack-Based Buffer Overflow
- Ivanti Connect Secure versions 22.7R2.4 and earlier
- Ivanti Policy Secure versions 22.7R1.2 and earlier
- Ivanti Neurons for ZTA Gateways versions 22.7R2.3 and earlier
4.0 Recommendations
CyberSecurity Malaysia encourages users and administrators to review Ivanti Security Release for more information and apply the necessary updates.
Kindly refer to the following URLs for more information:
Generally, Cyber999 advises the users of these devices to be updated with the latest security announcements by the vendor and follow best practice security policies to determine which updates should be applied.
For further enquiries, please contact Cyber999 Incident Response Centre through the following channels:
E-mail: cyber999[at]cybersecurity.my
Phone: 1-300-88-2999 (monitored during business hours)
Mobile: +60 19 2665850 (24x7 call incident reporting)
Business Hours: Mon - Fri 08:30 -17:30 MYT
Web: https://www.mycert.org.my
5.0 References
- https://www.ivanti.com/blog/topics/security-advisory
- https://www.cisa.gov/news-events/alerts/2025/01/08/ivanti-releases-security-updates-connect-secure-policy-secure-and-zta-gateways
- https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-Policy-Secure-ZTA-Gateways-CVE-2025-0282-CVE-2025-0283?language=en_US
- https://cloud.google.com/blog/topics/threat-intelligence/ivanti-connect-secure-vpn-zero-day