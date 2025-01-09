Vulnerability Management, Threat Intelligence, Patch/Configuration Management

Active exploitation of Ivanti Connect Secure zero-day ongoing

SecurityWeek reports that Ivanti has warned of ongoing intrusions targeting Ivanti Connect Secure versions earlier than 22.7R2.5 that are impacted by the critical stack-based buffer overflow vulnerability, tracked as CVE-2025-0282.

While the security flaw — which could be abused to facilitate arbitrary code execution — also impacts Ivanti Policy Secure versions older than 22.7R1.2 and Ivanti Neurons for ZTA Gateways older than 22.7R2.3, such devices have not been subjected to attacks, according to Ivanti. All of the aforementioned Ivanti products are also affected by a yet-to-be-exploited high-severity bug, tracked as CVE-2025-0283, which could be leveraged for privilege escalation. Organizations using Ivanti Connect Secure have been urged to monitor exploitation via the firm's Integrity Checker Tool and conduct factory resets before implementing the updated Connect Secure version. Ivanti has also noted the significantly lower odds of exploitation for vulnerable Ivanti Policy Secure, which will be patched by the firm on Jan. 21.

