Known Vulnerabilities
CVE-2025-0282
A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2, and Ivanti Neurons for ZTA gateways before version 22.7R2.3 allows a remote unauthenticated attacker to achieve remote code execution.
CRITICAL
CVSS 9.0
Published Jan 08, 2025
CVE-2024-11633
Argument injection in Ivanti Connect Secure before version 22.7R2.4 allows a remote authenticated attacker with admin privileges to achieve remote code execution
CRITICAL
CVSS 9.1
Published Dec 10, 2024
CVE-2024-9844
Insufficient server-side controls in Secure Application Manager of Ivanti Connect Secure before version 22.7R2.4 allows a remote authenticated attacker to bypass restrictions.
HIGH
CVSS 7.1
Published Dec 10, 2024