CVE-2025-0282

Description

A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2, and Ivanti Neurons for ZTA gateways before version 22.7R2.3 allows a remote unauthenticated attacker to achieve remote code execution.

Risk Information

Base Score: 9.0 MODERATE
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
EPSS Score (Exploitation Probability): 94.134

Associated Vulnerability

Vulnerability | OS Platform
Multiple Vulnerabilities are affected in Ivanti Connect Secure 22.7.r2 | Windows
Multiple Vulnerabilities are affected in Ivanti Connect Secure 22.7.r2.1 | Windows
Multiple Vulnerabilities are affected in Ivanti Connect Secure 22.7.r2.2 | Windows
Multiple Vulnerabilities are affected in Ivanti Connect Secure 22.7.r2.3 | Windows
Multiple Vulnerabilities are affected in Ivanti Connect Secure 22.7.r2.4 | Windows

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234