Refine your search
3 vulnerabilities found for zero_trust_access_gateway by ivanti
CVE-2025-22457 (GCVE-0-2025-22457)
Vulnerability from nvd
Published
2025-04-03 15:20
Modified
2025-10-21 22:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-121 - Stack-based Buffer Overflow
Summary
A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.6, Ivanti Policy Secure before version 22.7R1.4, and Ivanti ZTA Gateways before version 22.8R2.2 allows a remote unauthenticated attacker to achieve remote code execution.
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Ivanti | Connect Secure |
Patch: 22.7R2.6 |
||||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-22457",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-24T03:55:18.340082Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2025-04-04",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-22457"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T22:55:21.943Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-22457"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-04-04T00:00:00+00:00",
"value": "CVE-2025-22457 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Connect Secure",
"vendor": "Ivanti",
"versions": [
{
"status": "unaffected",
"version": "22.7R2.6",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"product": "Policy Secure",
"vendor": "Ivanti",
"versions": [
{
"status": "unaffected",
"version": "22.7R1.4",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"product": "Neurons for ZTA gateways",
"vendor": "Ivanti",
"versions": [
{
"status": "unaffected",
"version": "22.8R2.2",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.6, Ivanti Policy Secure before version 22.7R1.4, and Ivanti ZTA Gateways before version 22.8R2.2 allows a remote unauthenticated attacker to achieve remote code execution.\u003c/span\u003e"
}
],
"value": "A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.6, Ivanti Policy Secure before version 22.7R1.4, and Ivanti ZTA Gateways before version 22.8R2.2 allows a remote unauthenticated attacker to achieve remote code execution."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121 Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-03T15:20:23.628Z",
"orgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"shortName": "ivanti"
},
"references": [
{
"url": "https://forums.ivanti.com/s/article/April-Security-Advisory-Ivanti-Connect-Secure-Policy-Secure-ZTA-Gateways-CVE-2025-22457"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"assignerShortName": "ivanti",
"cveId": "CVE-2025-22457",
"datePublished": "2025-04-03T15:20:23.628Z",
"dateReserved": "2025-01-07T02:19:22.796Z",
"dateUpdated": "2025-10-21T22:55:21.943Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-22024 (GCVE-0-2024-22024)
Vulnerability from nvd
Published
2024-02-13 04:07
Modified
2025-05-09 18:26
Severity ?
VLAI Severity ?
EPSS score ?
Summary
An XML external entity or XXE vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x), Ivanti Policy Secure (9.x, 22.x) and ZTA gateways which allows an attacker to access certain restricted resources without authentication.
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:35:34.846Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://forums.ivanti.com/s/article/CVE-2024-22024-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure?language=en_US"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-22024",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-16T19:34:58.517182Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-611",
"description": "CWE-611 Improper Restriction of XML External Entity Reference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-09T18:26:09.386Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "ICS",
"vendor": "Ivanti",
"versions": [
{
"lessThan": "9.1R14.5",
"status": "affected",
"version": "9.1R14.5",
"versionType": "semver"
},
{
"lessThan": "9.1R17.3",
"status": "affected",
"version": "9.1R17.3",
"versionType": "semver"
},
{
"lessThan": "9.1R18.4",
"status": "affected",
"version": "9.1R18.4",
"versionType": "semver"
},
{
"lessThan": "22.1R6.1",
"status": "affected",
"version": "22.1R6.1",
"versionType": "semver"
},
{
"lessThan": "9.1R14.4",
"status": "unaffected",
"version": "9.1R14.4",
"versionType": "semver"
},
{
"lessThan": "9.1R15.2",
"status": "unaffected",
"version": "9.1R15.2",
"versionType": "semver"
},
{
"lessThan": "9.1R16.2",
"status": "unaffected",
"version": "9.1R16.2",
"versionType": "semver"
},
{
"lessThan": "9.1R17.2",
"status": "unaffected",
"version": "9.1R17.2",
"versionType": "semver"
},
{
"lessThan": "9.1R18.3",
"status": "unaffected",
"version": "9.1R18.3",
"versionType": "semver"
},
{
"lessThan": "22.1R6.1",
"status": "unaffected",
"version": "22.1R6.1",
"versionType": "semver"
},
{
"lessThan": "22.2R4.1",
"status": "affected",
"version": "22.2R4.1",
"versionType": "semver"
},
{
"lessThan": "22.3R1.1",
"status": "affected",
"version": "22.3R1.1",
"versionType": "semver"
},
{
"lessThan": "22.4R1.1",
"status": "affected",
"version": "22.4R1.1",
"versionType": "semver"
},
{
"lessThan": "22.5R1.2",
"status": "affected",
"version": "22.5R1.2",
"versionType": "semver"
},
{
"lessThan": "22.6R1.1",
"status": "affected",
"version": "22.6R1.1",
"versionType": "semver"
},
{
"lessThan": "22.4R2.3",
"status": "affected",
"version": "22.4R2.3",
"versionType": "semver"
},
{
"lessThan": "22.5R2.3",
"status": "affected",
"version": "22.5R2.3",
"versionType": "semver"
},
{
"lessThan": "22.6R2.2",
"status": "affected",
"version": "22.6R2.2",
"versionType": "semver"
},
{
"lessThan": "22.2R4.1",
"status": "unaffected",
"version": "22.2R4.1",
"versionType": "semver"
},
{
"lessThan": "22.3R1",
"status": "unaffected",
"version": "22.3R1",
"versionType": "semver"
},
{
"lessThan": "22.4R1.1",
"status": "unaffected",
"version": "22.4R1.1",
"versionType": "semver"
},
{
"lessThan": "22.5R1.1",
"status": "unaffected",
"version": "22.5R1.1",
"versionType": "semver"
},
{
"lessThan": "22.6R1.1",
"status": "unaffected",
"version": "22.6R1.1",
"versionType": "semver"
},
{
"lessThan": "22.4R2.2",
"status": "unaffected",
"version": "22.4R2.2",
"versionType": "semver"
},
{
"lessThan": "22.5R2.2",
"status": "unaffected",
"version": "22.5R2.2",
"versionType": "semver"
},
{
"lessThan": "22.6R2.2",
"status": "unaffected",
"version": "22.6R2.2",
"versionType": "semver"
}
]
},
{
"product": "ICS",
"vendor": "Ivant ",
"versions": [
{
"lessThan": "9.1R15.3",
"status": "affected",
"version": "9.1R15.3",
"versionType": "semver"
}
]
},
{
"product": "IPS",
"vendor": "Ivanti",
"versions": [
{
"lessThan": "9.1R18.4",
"status": "affected",
"version": "9.1R18.4",
"versionType": "semver"
},
{
"lessThan": "9.1R17.3",
"status": "affected",
"version": "9.1R17.3",
"versionType": "semver"
},
{
"lessThan": "22.5R1.2",
"status": "affected",
"version": "22.5R1.2",
"versionType": "semver"
},
{
"lessThan": "9.1R18.2",
"status": "unaffected",
"version": "9.1R18.2",
"versionType": "semver"
},
{
"lessThan": "9.1R17.2",
"status": "unaffected",
"version": "9.1R17.2",
"versionType": "semver"
},
{
"lessThan": "22.5R1.1",
"status": "unaffected",
"version": "22.5R1.1",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An XML external entity or XXE vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x), Ivanti Policy Secure (9.x, 22.x) and ZTA gateways which allows an attacker to access certain restricted resources without authentication."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 8.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.0"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-02-13T04:07:04.355Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://forums.ivanti.com/s/article/CVE-2024-22024-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure?language=en_US"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2024-22024",
"datePublished": "2024-02-13T04:07:04.355Z",
"dateReserved": "2024-01-04T01:04:06.574Z",
"dateUpdated": "2025-05-09T18:26:09.386Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-22457 (GCVE-0-2025-22457)
Vulnerability from cvelistv5
Published
2025-04-03 15:20
Modified
2025-10-21 22:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-121 - Stack-based Buffer Overflow
Summary
A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.6, Ivanti Policy Secure before version 22.7R1.4, and Ivanti ZTA Gateways before version 22.8R2.2 allows a remote unauthenticated attacker to achieve remote code execution.
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Ivanti | Connect Secure |
Patch: 22.7R2.6 |
||||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-22457",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-24T03:55:18.340082Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2025-04-04",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-22457"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T22:55:21.943Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-22457"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-04-04T00:00:00+00:00",
"value": "CVE-2025-22457 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Connect Secure",
"vendor": "Ivanti",
"versions": [
{
"status": "unaffected",
"version": "22.7R2.6",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"product": "Policy Secure",
"vendor": "Ivanti",
"versions": [
{
"status": "unaffected",
"version": "22.7R1.4",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"product": "Neurons for ZTA gateways",
"vendor": "Ivanti",
"versions": [
{
"status": "unaffected",
"version": "22.8R2.2",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.6, Ivanti Policy Secure before version 22.7R1.4, and Ivanti ZTA Gateways before version 22.8R2.2 allows a remote unauthenticated attacker to achieve remote code execution.\u003c/span\u003e"
}
],
"value": "A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.6, Ivanti Policy Secure before version 22.7R1.4, and Ivanti ZTA Gateways before version 22.8R2.2 allows a remote unauthenticated attacker to achieve remote code execution."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121 Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-03T15:20:23.628Z",
"orgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"shortName": "ivanti"
},
"references": [
{
"url": "https://forums.ivanti.com/s/article/April-Security-Advisory-Ivanti-Connect-Secure-Policy-Secure-ZTA-Gateways-CVE-2025-22457"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"assignerShortName": "ivanti",
"cveId": "CVE-2025-22457",
"datePublished": "2025-04-03T15:20:23.628Z",
"dateReserved": "2025-01-07T02:19:22.796Z",
"dateUpdated": "2025-10-21T22:55:21.943Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}