CVE-2025-0282β€”Ivanti Connect Secure, Policy Secure, and ZTA Gateways Stack-Based Buffer Overflow Vulnerability

PUBLISHEDvulnerability record
2025-01-08 Β· last modified June 21, 2025

Metadata

CVE ID:
CVE-2025-0282
Project:
Ivanti
Product:
Connect Secure, Policy Secure, and ZTA Gateways
Date Added:
2025-01-08
Due Date:
2025-01-15
Last Updated:
June 21, 2025

Vulnerability Name

Ivanti Connect Secure, Policy Secure, and ZTA Gateways Stack-Based Buffer Overflow Vulnerability

Description

Ivanti Connect Secure, Policy Secure, and ZTA Gateways contain a stack-based buffer overflow which can lead to unauthenticated remote code execution.

Known To Be Used in Ransomware Campaigns?

Ransomware Status:
KNOWN

Action

Apply mitigations as set forth in the CISA instructions linked below to include conducting hunt activities, taking remediation actions if applicable, and applying updates prior to returning a device to service.

Additional Notes

Related News Articles

Related Weaknesses