VDB
CVE-2025-22457
CVE-2025-22457
PUBLISHED
KEV
Connect Secure bietet TLS- und mobile VPN-Lösungen.
EPSS 55.90% · 98.1th percentile
Risk Scores
EPSS Score
55.90%
98.1th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ivanti | Ivanti Connect Secure <22.7R2.6 | |
| Ivanti | Ivanti Policy Secure <22.7R1.4 |
Timeline
- Apr 3, 2025 CVE Published
- Apr 3, 2025 PoC Published
- Apr 3, 2025 PoC Published
- Apr 3, 2025 PoC Published
- Apr 3, 2025 PoC Published
- Apr 3, 2025 PoC Published
- Apr 3, 2025 PoC Published
- Apr 3, 2025 PoC Published
- Apr 3, 2025 PoC Published
- Apr 3, 2025 PoC Published
- Apr 3, 2025 PoC Published
- Apr 3, 2025 PoC Published
References
- https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0703.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0703 advisory
- https://www.ivanti.com/blog/security-update-pulse-connect-secure-ivanti-connect-secure-policy-secure-and-neurons-for-zta-gateways advisory
- https://www.rapid7.com/blog/post/2025/04/03/etr-ivanti-connect-secure-cve-2025-22457-exploited-in-the-wild/ exploit
- https://forums.ivanti.com/s/article/April-Security-Advisory-Ivanti-Connect-Secure-Policy-Secure-ZTA-Gateways-CVE-2025-22457 advisory
- https://cloud.google.com/blog/topics/threat-intelligence/china-nexus-exploiting-critical-ivanti-vulnerability exploit