216.73.217.22

CVE-2025-0283

· Published 09/01/2025 00:15 · Modified 21/12/2025 08:44 · Author: The MITRE Corporation

Labels: CVE-2025-0283 2025-01-083c1d8aa1-5a33-4ea4-8992-aadd6440af75CVE-2025-0283CWE-121CWE-787

Essential information

Published
09/01/2025 00:15
Modified
21/12/2025 08:44
Author
The MITRE Corporation
Creator
The MITRE Corporation
CVSS
7.0 HIGH (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:L/C:H/I:H/A:H

CVSS metrics

Description

A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2, and Ivanti Neurons for ZTA gateways before version 22.7R2.3 allows a local authenticated attacker to escalate their privileges.

NVD status

Status
Analyzed — CVE has had analysis completed and all data associations made.
Source
3c1d8aa1-5a33-4ea4-8992-aadd6440af75
NVD
View on NVD

Affected products (CPE)

ProductCPE
ivanti / connect secure cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:*
ivanti / connect secure cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:*
ivanti / connect secure cpe:2.3:a:ivanti:connect_secure:9.1:-:*:*:*:*:*:*
ivanti / connect secure cpe:2.3:a:ivanti:connect_secure:9.1:r1:*:*:*:*:*:*
ivanti / connect secure cpe:2.3:a:ivanti:connect_secure:9.1:r1.0:*:*:*:*:*:*
ivanti / connect secure cpe:2.3:a:ivanti:connect_secure:9.1:r10:*:*:*:*:*:*
ivanti / connect secure cpe:2.3:a:ivanti:connect_secure:9.1:r10.0:*:*:*:*:*:*
ivanti / connect secure cpe:2.3:a:ivanti:connect_secure:9.1:r10.2:*:*:*:*:*:*
ivanti / connect secure cpe:2.3:a:ivanti:connect_secure:9.1:r11:*:*:*:*:*:*
ivanti / connect secure cpe:2.3:a:ivanti:connect_secure:9.1:r11.0:*:*:*:*:*:*
ivanti / connect secure cpe:2.3:a:ivanti:connect_secure:9.1:r11.1:*:*:*:*:*:*
ivanti / connect secure cpe:2.3:a:ivanti:connect_secure:9.1:r11.3:*:*:*:*:*:*
ivanti / connect secure cpe:2.3:a:ivanti:connect_secure:9.1:r11.4:*:*:*:*:*:*
ivanti / connect secure cpe:2.3:a:ivanti:connect_secure:9.1:r11.5:*:*:*:*:*:*
ivanti / connect secure cpe:2.3:a:ivanti:connect_secure:9.1:r12:*:*:*:*:*:*
ivanti / connect secure cpe:2.3:a:ivanti:connect_secure:9.1:r12.1:*:*:*:*:*:*
ivanti / connect secure cpe:2.3:a:ivanti:connect_secure:9.1:r12.2:*:*:*:*:*:*
ivanti / connect secure cpe:2.3:a:ivanti:connect_secure:9.1:r13:*:*:*:*:*:*
ivanti / connect secure cpe:2.3:a:ivanti:connect_secure:9.1:r13.1:*:*:*:*:*:*
ivanti / connect secure cpe:2.3:a:ivanti:connect_secure:9.1:r14:*:*:*:*:*:*
ivanti / connect secure cpe:2.3:a:ivanti:connect_secure:9.1:r14.4:*:*:*:*:*:*
ivanti / connect secure cpe:2.3:a:ivanti:connect_secure:9.1:r15:*:*:*:*:*:*
ivanti / connect secure cpe:2.3:a:ivanti:connect_secure:9.1:r15.2:*:*:*:*:*:*
ivanti / connect secure cpe:2.3:a:ivanti:connect_secure:9.1:r16:*:*:*:*:*:*
ivanti / connect secure cpe:2.3:a:ivanti:connect_secure:9.1:r16.1:*:*:*:*:*:*
ivanti / connect secure cpe:2.3:a:ivanti:connect_secure:9.1:r17:*:*:*:*:*:*
ivanti / connect secure cpe:2.3:a:ivanti:connect_secure:9.1:r17.1:*:*:*:*:*:*
ivanti / connect secure cpe:2.3:a:ivanti:connect_secure:9.1:r17.2:*:*:*:*:*:*
ivanti / connect secure cpe:2.3:a:ivanti:connect_secure:9.1:r18:*:*:*:*:*:*
ivanti / connect secure cpe:2.3:a:ivanti:connect_secure:9.1:r18.1:*:*:*:*:*:*
ivanti / connect secure cpe:2.3:a:ivanti:connect_secure:9.1:r18.2:*:*:*:*:*:*
ivanti / connect secure cpe:2.3:a:ivanti:connect_secure:9.1:r18.3:*:*:*:*:*:*
ivanti / connect secure cpe:2.3:a:ivanti:connect_secure:9.1:r18.7:*:*:*:*:*:*
ivanti / connect secure cpe:2.3:a:ivanti:connect_secure:9.1:r18.8:*:*:*:*:*:*
ivanti / connect secure cpe:2.3:a:ivanti:connect_secure:9.1:r18.9:*:*:*:*:*:*
ivanti / connect secure cpe:2.3:a:ivanti:connect_secure:9.1:r4.3:*:*:*:*:*:*
ivanti / connect secure cpe:2.3:a:ivanti:connect_secure:9.1:r8:*:*:*:*:*:*
ivanti / connect secure cpe:2.3:a:ivanti:connect_secure:21.9:r1:*:*:*:*:*:*
ivanti / connect secure cpe:2.3:a:ivanti:connect_secure:21.12:r1:*:*:*:*:*:*
ivanti / connect secure cpe:2.3:a:ivanti:connect_secure:22.1:r1:*:*:*:*:*:*
ivanti / connect secure cpe:2.3:a:ivanti:connect_secure:22.1:r6:*:*:*:*:*:*
ivanti / connect secure cpe:2.3:a:ivanti:connect_secure:22.7:-:*:*:*:*:*:*
ivanti / connect secure cpe:2.3:a:ivanti:connect_secure:22.7:r1:*:*:*:*:*:*
ivanti / connect secure cpe:2.3:a:ivanti:connect_secure:22.7:r1.1:*:*:*:*:*:*
ivanti / connect secure cpe:2.3:a:ivanti:connect_secure:22.7:r1.2:*:*:*:*:*:*
ivanti / connect secure cpe:2.3:a:ivanti:connect_secure:22.7:r1.3:*:*:*:*:*:*
ivanti / connect secure cpe:2.3:a:ivanti:connect_secure:22.7:r1.4:*:*:*:*:*:*
ivanti / connect secure cpe:2.3:a:ivanti:connect_secure:22.7:r1.5:*:*:*:*:*:*
ivanti / connect secure cpe:2.3:a:ivanti:connect_secure:22.7:r2:*:*:*:*:*:*
ivanti / connect secure cpe:2.3:a:ivanti:connect_secure:22.7:r2.1:*:*:*:*:*:*
ivanti / connect secure cpe:2.3:a:ivanti:connect_secure:22.7:r2.2:*:*:*:*:*:*
ivanti / connect secure cpe:2.3:a:ivanti:connect_secure:22.7:r2.3:*:*:*:*:*:*
ivanti / connect secure cpe:2.3:a:ivanti:connect_secure:22.7:r2.4:*:*:*:*:*:*
ivanti / neurons for zero-trust access cpe:2.3:a:ivanti:neurons_for_zero-trust_access:-:*:*:*:*:*:*:*
ivanti / neurons for zero-trust access cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.2:r1:*:*:*:*:*:*
ivanti / neurons for zero-trust access cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.2:r4:*:*:*:*:*:*
ivanti / neurons for zero-trust access cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.2:r5:*:*:*:*:*:*
ivanti / neurons for zero-trust access cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.3:r1:*:*:*:*:*:*
ivanti / neurons for zero-trust access cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.3:r4:*:*:*:*:*:*
ivanti / neurons for zero-trust access cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.4:r1:*:*:*:*:*:*
ivanti / neurons for zero-trust access cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.4:r3:*:*:*:*:*:*
ivanti / neurons for zero-trust access cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.5:r1:*:*:*:*:*:*
ivanti / neurons for zero-trust access cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.5:r1.2:*:*:*:*:*:*
ivanti / neurons for zero-trust access cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.6:r1:*:*:*:*:*:*
ivanti / neurons for zero-trust access cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.6:r1.2:*:*:*:*:*:*
ivanti / neurons for zero-trust access cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.6:r1.3:*:*:*:*:*:*
ivanti / neurons for zero-trust access cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.6:r1.5:*:*:*:*:*:*
ivanti / neurons for zero-trust access cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.6:r1.6:*:*:*:*:*:*
ivanti / neurons for zero-trust access cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.6:r1.7:*:*:*:*:*:*
ivanti / neurons for zero-trust access cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.7:r1:*:*:*:*:*:*
ivanti / neurons for zero-trust access cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.7:r1.2:*:*:*:*:*:*
ivanti / neurons for zero-trust access cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.7:r1.3:*:*:*:*:*:*
ivanti / neurons for zero-trust access cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.7:r1.4:*:*:*:*:*:*
ivanti / neurons for zero-trust access cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.7:r1.5:*:*:*:*:*:*
ivanti / neurons for zero-trust access cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.7:r1.6:*:*:*:*:*:*
ivanti / neurons for zero-trust access cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.7:r2:*:*:*:*:*:*
ivanti / neurons for zero-trust access cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.7:r2.2:*:*:*:*:*:*
ivanti / neurons for zero-trust access cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.7:r2.3:*:*:*:*:*:*
ivanti / policy secure cpe:2.3:a:ivanti:policy_secure:*:*:*:*:*:*:*:*
ivanti / policy secure cpe:2.3:a:ivanti:policy_secure:22.7:-:*:*:*:*:*:*
ivanti / policy secure cpe:2.3:a:ivanti:policy_secure:22.7:r1:*:*:*:*:*:*
ivanti / policy secure cpe:2.3:a:ivanti:policy_secure:22.7:r1.1:*:*:*:*:*:*
ivanti / policy secure cpe:2.3:a:ivanti:policy_secure:22.7:r1.2:*:*:*:*:*:*

References

Related entities

Attack reports, intrusion sets, malwares, attack patterns and indicators linked to this vulnerability.

Attack reports (7)