CVE-2025-0283 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	7 HIGH	LOCAL	HIGH	LOW	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
ivanti	CNA	7 HIGH	LOCAL	HIGH	LOW	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CISA-ADP	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 17%

Vendor	Product	Version
ivanti	connect_secure	𝑥 < 9.1
ivanti	connect_secure	22.2 ≤ 𝑥 < 22.7
ivanti	connect_secure	9.1
ivanti	connect_secure	9.1:r1
ivanti	connect_secure	9.1:r1.0
ivanti	connect_secure	9.1:r10
ivanti	connect_secure	9.1:r10.0
ivanti	connect_secure	9.1:r10.2
ivanti	connect_secure	9.1:r11
ivanti	connect_secure	9.1:r11.0
ivanti	connect_secure	9.1:r11.1
ivanti	connect_secure	9.1:r11.3
ivanti	connect_secure	9.1:r11.4
ivanti	connect_secure	9.1:r11.5
ivanti	connect_secure	9.1:r12
ivanti	connect_secure	9.1:r12.1
ivanti	connect_secure	9.1:r12.2
ivanti	connect_secure	9.1:r13
ivanti	connect_secure	9.1:r13.1
ivanti	connect_secure	9.1:r14
ivanti	connect_secure	9.1:r14.4
ivanti	connect_secure	9.1:r15
ivanti	connect_secure	9.1:r15.2
ivanti	connect_secure	9.1:r16
ivanti	connect_secure	9.1:r16.1
ivanti	connect_secure	9.1:r17
ivanti	connect_secure	9.1:r17.1
ivanti	connect_secure	9.1:r17.2
ivanti	connect_secure	9.1:r18
ivanti	connect_secure	9.1:r18.1
ivanti	connect_secure	9.1:r18.2
ivanti	connect_secure	9.1:r18.3
ivanti	connect_secure	9.1:r18.7
ivanti	connect_secure	9.1:r18.8
ivanti	connect_secure	9.1:r18.9
ivanti	connect_secure	9.1:r4.3
ivanti	connect_secure	9.1:r8
ivanti	connect_secure	21.9:r1
ivanti	connect_secure	21.12:r1
ivanti	connect_secure	22.1:r1
ivanti	connect_secure	22.1:r6
ivanti	connect_secure	22.7
ivanti	connect_secure	22.7:r1
ivanti	connect_secure	22.7:r1.1
ivanti	connect_secure	22.7:r1.2
ivanti	connect_secure	22.7:r1.3
ivanti	connect_secure	22.7:r1.4
ivanti	connect_secure	22.7:r1.5
ivanti	connect_secure	22.7:r2
ivanti	connect_secure	22.7:r2.1
ivanti	connect_secure	22.7:r2.2
ivanti	connect_secure	22.7:r2.3
ivanti	connect_secure	22.7:r2.4
ivanti	neurons_for_zero-trust_access	-
ivanti	neurons_for_zero-trust_access	22.2:r1
ivanti	neurons_for_zero-trust_access	22.2:r4
ivanti	neurons_for_zero-trust_access	22.2:r5
ivanti	neurons_for_zero-trust_access	22.3:r1
ivanti	neurons_for_zero-trust_access	22.3:r4
ivanti	neurons_for_zero-trust_access	22.4:r1
ivanti	neurons_for_zero-trust_access	22.4:r3
ivanti	neurons_for_zero-trust_access	22.5:r1
ivanti	neurons_for_zero-trust_access	22.5:r1.2
ivanti	neurons_for_zero-trust_access	22.6:r1
ivanti	neurons_for_zero-trust_access	22.6:r1.2
ivanti	neurons_for_zero-trust_access	22.6:r1.3
ivanti	neurons_for_zero-trust_access	22.6:r1.5
ivanti	neurons_for_zero-trust_access	22.6:r1.6
ivanti	neurons_for_zero-trust_access	22.6:r1.7
ivanti	neurons_for_zero-trust_access	22.7:r1
ivanti	neurons_for_zero-trust_access	22.7:r1.2
ivanti	neurons_for_zero-trust_access	22.7:r1.3
ivanti	neurons_for_zero-trust_access	22.7:r1.4
ivanti	neurons_for_zero-trust_access	22.7:r1.5
ivanti	neurons_for_zero-trust_access	22.7:r1.6
ivanti	neurons_for_zero-trust_access	22.7:r2
ivanti	neurons_for_zero-trust_access	22.7:r2.2
ivanti	neurons_for_zero-trust_access	22.7:r2.3
ivanti	policy_secure	𝑥 < 22.7
ivanti	policy_secure	22.7
ivanti	policy_secure	22.7:r1
ivanti	policy_secure	22.7:r1.1
ivanti	policy_secure	22.7:r1.2

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-121 - Stack-based Buffer Overflow
A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).
CWE-787 - Out-of-bounds Write
The software writes data past the end, or before the beginning, of the intended buffer.

References

https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-Policy-Secure-ZTA-Gateways-CVE-2025-0282-CVE-2025-0283