300+ Organizations Breached by Multiple DrayTek Vulnerabilities

Ivanti Connect Secure Zero-Day Under Active Exploitation

Ivanti Warns of Security Vulnerabilities in Connect Secure Products

Ivanti has recently issued a critical warning regarding ongoing security intrusions targeting older versions of its Ivanti Connect Secure software. This issue stems from a severe vulnerability, known as CVE-2025-0282, which is classified as a stack-based buffer overflow. The flaw poses a significant risk as it could allow malicious actors to execute arbitrary code on affected systems. Organizations using Ivanti Connect Secure versions earlier than 22.7R2.5 should take immediate action to secure their networks.

In addition to CVE-2025-0282, Ivanti has identified another high-severity vulnerability, CVE-2025-0283, which could enable privilege escalation. Affected versions of Ivanti Policy Secure (older than 22.7R1.2) and Ivanti Neurons for ZTA Gateways (older than 22.7R2.3) are also at risk, although no attacks have yet been reported against those devices.

Understanding the Vulnerabilities

Key Vulnerabilities Impacting Ivanti Products

  • CVE-2025-0282: Stack-based buffer overflow vulnerability allowing arbitrary code execution.
  • CVE-2025-0283: High-severity vulnerability enabling privilege escalation.

Recommended Actions for Organizations

Organizations utilizing Ivanti Connect Secure should act swiftly to mitigate potential risks. Here are some recommended steps:

  1. Monitor for Exploitation: Utilize the Integrity Checker Tool provided by Ivanti to keep an eye on any potential exploitation attempts.
  2. Conduct Factory Resets: Before updating to the latest version of Ivanti Connect Secure, perform factory resets to ensure a clean environment.
  3. Update Software: Ensure that all Ivanti products are updated to the latest versions to minimize vulnerabilities.

Ivanti has reassured users that the chances of exploitation for the vulnerable Ivanti Policy Secure are considerably lower. A patch for this product is expected to be released on January 21, which should further enhance security measures.

Conclusion

As cybersecurity threats continue to evolve, organizations must remain vigilant and proactive in applying security updates and monitoring their systems. For more information on Ivanti’s security advisories, you can visit the Ivanti Security Center or check out detailed insights from SecurityWeek.

If you found this article helpful, please share your thoughts in the comments below or explore related articles on cybersecurity best practices to stay informed about protecting your organization’s assets.

Share it

Similar Posts

Leave a Reply

Your email address will not be published. Required fields are marked *