CVE-2025-22467 (CVSS 9.9): Ivanti Connect Secure Vulnerability Allows Remote Code Execution

Ivanti has disclosed multiple vulnerabilities affecting its Connect Secure, Policy Secure, and Secure Access Client products, with some flaws allowing for remote code execution and unauthorized data access. The company urges customers to update their systems immediately to mitigate potential risks.

The vulnerabilities, ranging from medium to critical severity, impact various versions of the affected products. Among the most severe is CVE-2025-22467 (CVSS 9.9), a critical stack-based buffer overflow vulnerability in Ivanti Connect Secure. This flaw allows a remote authenticated attacker to execute arbitrary code on the vulnerable system. Another critical vulnerability, CVE-2024-38657 (CVSS 9.1), enables an attacker with admin privileges to write arbitrary files, potentially compromising system integrity.

Other vulnerabilities include code injection flaws (CVE-2024-10644, CVSS 9.1), arbitrary file read vulnerabilities (CVE-2024-12058), reflected cross-site scripting (XSS) vulnerabilities (CVE-2024-13830), and issues related to hardcoded keys and cleartext storage of sensitive information (CVE-2024-13842, CVE-2024-13843).

Ivanti has addressed these vulnerabilities in the latest versions of its products:

Ivanti Connect Secure 22.7R2.6
Ivanti Policy Secure 22.7R1.3
Ivanti Secure Access Client 22.8R1

Customers are advised to update to these versions as soon as possible. The company provides access to the updated software through its download portal (login required). While Ivanti is not currently aware of any active exploitation of these vulnerabilities, the potential impact underscores the urgency of applying the available updates.

Rate this post

Leave a Reply Cancel reply

Website

Related Posts:

Leave a Reply Cancel reply