Ivanti Connect Secure zero-day exploited by attackers (CVE-2025-0282)

Ivanti has fixed two vulnerabilities affecting Ivanti Connect Secure, Policy Secure and ZTA gateways, one of which (CVE-2025-0282) has been exploited as a zero-day by attackers to compromise Connect Secure VPN appliances. About CVE-2025-0282 and CVE-2025-0283 Both are stack-based buffer overflow issues: CVE-2025-0282 allows for unauthenticated remote code execution, CVE-2025-0283 can be used by a local authenticated attacker to escalate their privileges. Ivanti says that a “limited number “of customers’ Ivanti Connect Secure appliances have … More → The post Ivanti Connect Secure zero-day exploited by attackers (CVE-2025-0282) appeared first on Help Net Security.
http://news.poseidon-us.com/THFSnz

Ivanti Connect Secure zero-day exploited by attackers (CVE-2025-0282)

Like this:

Related

More Posts

Wireshark 4.4.3 released: Updated protocol support, bug fixes

BreachLock Unified Platform provides visibility into the organization’s attack surface

The ongoing evolution of the CIS Critical Security Controls

Synology ActiveProtect boosts enterprise data protection

GitLab CISO on proactive monitoring and metrics for DevSecOps success

Sara: Open-source RouterOS security inspector

Cybersecurity in 2025: Global conflict, grown-up AI, and the wisdom of the crowd

Google must face mobile phone privacy class action, possible trial

Freedom Furniture turns on AI-based search and personalisation

Telstra to trial satellite-to-mobile services with Starlink

Share this:

Like this:

Related

More Posts