Research

Emerging Threat: Ivanti CVE-2025-22457

Emma-Zaballos
By Emma Zaballos
Product Marketing Manager
April 7, 2025

CVE-2025-22457 is a critical buffer overflow vulnerability (CVSS 9.0) in Ivanti Connect Secure, Policy Secure, and ZTA Gateways, enabling unauthenticated remote code execution via a crafted X-Forwarded-For header. It has been actively exploited by espionage group UNC5221 and is listed in CISA’s KEV catalog. Patches are available for most affected products, but legacy Pulse Connect Secure devices require migration, and customers are advised to monitor for signs of compromise.



Research

Emerging Threat: Ivanti Connect Secure CVE-2025-0282 and CVE-2025-0283

Emma-Zaballos
By Emma Zaballos
Product Marketing Manager
January 13, 2025

Ivanti disclosed two severe vulnerabilities affecting Ivanti Connect Secure VPN devices. While both vulnerabilities involve similar buffer overflow mechanisms, only one allows unauthenticated remote code execution (RCE) and has been exploited in the wild. CyCognito customers can check their assets to identify if any are potentially vulnerable to these issues using filters available in the CyCognito dashboard.



Topics



Search the Blog



Featured Posts








Top Tags



CyCognito Research Report

State of External Exposure Management, Summer 2024 Edition

State of External Exposure Management, Summer 2024 Edition

Download the report now to stay ahead of emerging threats and strengthen your organization’s security posture for 2024.

O'Reilly Report

Moving from Vulnerability Management to Exposure Management

Moving from Vulnerability Management to Exposure Management

Download the report to learn about the historical trends behind the emergence of exposure management, how to develop a strategic plan and assemble a team to smoothly transition frameworks, and example tech stacks to consider for your organization.

Request a Free Scan

See Exactly What Attackers See

Get a Free Scan of Your Attack Surface

Get a free scan of your attack surface and gain valuable insight into your organization's risk posture by allowing CyCognito to discover, contextualize, and test externally exposed assets on a portion of your parent company or a single subsidiary.