CVE-2025-0282
| CVE Published | 2025-01-08 |
|---|---|
| Related CWE(s) | CWE-787: Out-of-bounds Write, CWE-121: Stack-based Buffer Overflow |
| Related Vendor(s) | ivanti |
| Related Product(s) | neurons_for_zero-trust_access, policy_secure, connect_secure |
| Exploitation Reported (CISA KEV) | 2025-01-08 |
| CVSS 3 Base Score | 9.0 (CRITICAL) |
| CVSS 3 Attack Complexity | HIGH |
| CVSS 3 Attack Vector | NETWORK |
A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2, and Ivanti Neurons for ZTA gateways before version 22.7R2.3 allows a remote unauthenticated attacker to achieve remote code execution.
Cyber Threat Graph Context
Explore how this CVE relates to the wider threat graph