Ivanti » Neurons For Zero-trust Access (Seite 1)

9.8

CVE-2025-22457

Warnung Medienbericht

EPSS 71.7%
Veröffentlicht 03.04.2025 16:15:35
Zuletzt bearbeitet 03.05.2025 01:00:02

A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.6, Ivanti Policy Secure before version 22.7R1.4, and Ivanti ZTA Gateways before version 22.8R2.2 allows a remote unauthenticated attacker to achieve remote code execution.

9

CVE-2025-0282

Warnung Medienbericht Exploit

EPSS 94.11%
Veröffentlicht 08.01.2025 23:15:09
Zuletzt bearbeitet 17.03.2025 19:24:45

A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2, and Ivanti Neurons for ZTA gateways before version 22.7R2.3 allows a remote unauthenticated attacker to achieve remote code ...

7

CVE-2025-0283

EPSS 22.99%
Veröffentlicht 08.01.2025 23:15:09
Zuletzt bearbeitet 14.01.2025 15:58:55

A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2, and Ivanti Neurons for ZTA gateways before version 22.7R2.3 allows a local authenticated attacker to escalate their privileg...

8.2

CVE-2024-21893

Warnung

EPSS 94.32%
Veröffentlicht 31.01.2024 18:15:47
Zuletzt bearbeitet 29.11.2024 15:16:27

A server-side request forgery vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) and Ivanti Neurons for ZTA allows an attacker to access certain restricted resources without authentication.

7.5

CVE-2022-35254

EPSS 0.71%
Veröffentlicht 05.12.2022 22:15:10
Zuletzt bearbeitet 24.04.2025 15:15:47

An unauthenticated attacker can cause a denial-of-service to the following products: Ivanti Connect Secure (ICS) in versions prior to 9.1R14.3, 9.1R15.2, 9.1R16.2, and 22.2R4, Ivanti Policy Secure (IPS) in versions prior to 9.1R17 and 22.3R1, and Iva...

7.5

CVE-2022-35258

EPSS 0.71%
Veröffentlicht 05.12.2022 22:15:10
Zuletzt bearbeitet 21.11.2024 07:10:59