CVE-2025-0282 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	9 CRITICAL	NETWORK	HIGH	NONE	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
ivanti	CNA	9 CRITICAL	NETWORK	HIGH	NONE	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
CISA-ADP	ADP	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 99%

Vendor	Product	Version
ivanti	connect_secure	22.7:r2
ivanti	connect_secure	22.7:r2.1
ivanti	connect_secure	22.7:r2.2
ivanti	connect_secure	22.7:r2.3
ivanti	connect_secure	22.7:r2.4
ivanti	neurons_for_zero-trust_access	22.7:r2
ivanti	neurons_for_zero-trust_access	22.7:r2.2
ivanti	neurons_for_zero-trust_access	22.7:r2.3
ivanti	policy_secure	22.7:r1
ivanti	policy_secure	22.7:r1.1
ivanti	policy_secure	22.7:r1.2

𝑥

= Vulnerable software versions

Known Exploits!

Common Weakness Enumeration

CWE-121 - Stack-based Buffer Overflow
A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).
CWE-787 - Out-of-bounds Write
The software writes data past the end, or before the beginning, of the intended buffer.

References

https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-Policy-Secure-ZTA-Gateways-CVE-2025-0282-CVE-2025-0283

https://cloud.google.com/blog/topics/threat-intelligence/ivanti-connect-secure-vpn-zero-day

https://www.cisa.gov/cisa-mitigation-instructions-cve-2025-0282

https://github.com/sfewer-r7/CVE-2025-0282

https://labs.watchtowr.com/exploitation-walkthrough-and-techniques-ivanti-connect-secure-rce-cve-2025-0282/

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2025-0282