CVE-2025-0283

Summary

A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2, and Ivanti Neurons for ZTA gateways before version 22.7R2.3 allows a local authenticated attacker to escalate their privileges.

Affected Software

VendorProductVersion RangeStatus
IvantiConnect Secure22.7R2.5unaffected
IvantiPolicy Secure22.7R1.2affected
IvantiNeurons for ZTA gateways22.7R2.5unaffected

Weaknesses

  • CWE-121: CWE-121: Stack-based Buffer Overflow

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References