About the Vulnerability

Introduction

Ivanti Connect Secure, Policy Secure, and ZTA Gateways are all network products provided by Ivanti Company.

Summary

On January 9, 2025, Sangfor FarSight Labs received notification that an Ivanti Connect Secure, Policy Secure & ZTA Gateways component contains information of Buffer Overflow Vulnerability(CVE-2025-0282), classified as critical in threat level.

A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2, and Ivanti Neurons for ZTA gateways before version 22.7R2.3 allows a remote unauthenticated attacker to achieve remote code execution, leading to server compromise.Note: This vulnerability has been exploited in the wild.

Affected Versions

22.7R2 ≤ Ivanti Connect Secure < 22.7R2.5

22.7R1 ≤ Ivanti Policy Secure < 22.7R1.2

22.7R2 ≤ ZTA gateways < 22.7R2.3

Solutions

Remediation Solutions

Official Solution

Secure Versions:

Ivanti Connect Secure 22.7R2.5

Ivanti Policy Secure 22.7R1.2

ZTA gateways 22.7R2.3

Suggestion:

Affected users are recommended to update the version of their devices to the secure versions.

Download link for Ivanti Connect Secure Patches: https://portal.ivanti.com/

Patches for Ivanti Policy Secure and ZTA gateways are expected to release on January 21, 2025.

Temporary Solution

For users of Ivanti Connect Secure, run the built-in Integrity Check Tool (ICT).

If the scan results show no threats, reset to factory settings and apply the latest patches;

If threats are detected in the scan results, immediately disconnect the affected product and isolate it from other resources, reset any connected passwords, keys, and certificates, and contact the official party for further emergency response and traceability.

Timeline

On January 9, 2025, Sangfor FarSight Labs received notification of Ivanti Connect Secure, Policy Secure & ZTA Gateways Buffer Overflows Vulnerability.

On January 9, 2025, Sangfor FarSight Labs released a vulnerability alert.

References

https://www.ivanti.com/blog/security-update-ivanti-connect-secure-policy-secure-and-neurons-for-zta-gateways

https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-Policy-Secure-ZTA-Gateways-CVE-2025-0282-CVE-2025-0283?language=en_US&_gl=1*17imebm*_gcl_au*MjAwNjQ2ODMyMy4xNzM2Mzg0NTA4

Listen To This Post

Search

Get in Touch

Get in Touch with Sangfor Team for Business Inquiry

Name
Email Address
Business Phone Number
Tell us about your project requirements

Related Articles

CVE-2024-55591: FortiOS and FortiProxy Authentication Bypass Vulnerability

Date : 26 Mar 2025
Read Now

CVE-2024-47908: Ivanti CSA Remote Command Execution Vulnerability

Date : 13 Feb 2025
Read Now

Roundup of Microsoft Patch Tuesday (January 2024)

Date : 16 Jan 2025
Read Now

See Other Product

Cyber Command - NDR Platform
Endpoint Secure
Internet Access Gateway (IAG)
Sangfor Network Secure - Next Generation Firewall
Platform-X
Sangfor Access Secure - A SASE Solution