VDB

CESS-2025-0282

CESS-2025-0282 PUBLISHED CVSS 9 CRITICAL

A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2, and Ivanti Neurons for ZTA gateways before version 22.7R2.3 allows a remote unauthenticated attacker to achieve remote code execution. [Coalition visibility: cisa-kev, exploitdb] [1 known exploit(s)]

Risk Scores

CVSS 3.1
9
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

Timeline

  • Jan 8, 2025 CVE Published
Open in Interactive Console →
$ Console Community · 100/wk Open console ›