Source: Ministry of Education Information & Communication Security Contingency Platform
Publication Number | TACERT-ANA-2025040803043333 | Publication Time | 2025/04/08 15:23 |
Incident Type | ANA-Vulnerability Alert | Discovery Time | 2025/04/08 15:23 |
Impact Level | Low |

[Subject] 【Vulnerability Alert】Critical Security Vulnerability in Ivanti Products (CVE-2025-22457) Actively Exploited in Attacks

[Content]
Forwarded from TWCERTCC-200-202504-00000003
Ivanti has released a critical security advisory for its products Connect Secure, Pulse Connect Secure (End-of-Support as of 2024/12/31), Policy Secure, and ZTA Gateways regarding a newly disclosed vulnerability (CVE-2025-22457, CVSS Score: 9.0). This vulnerability stems from a buffer overflow flaw that allows unauthenticated remote attackers to execute arbitrary code (RCE), including the execution of shell scripts and deployment of malicious software. Users are advised to take protective measures as soon as possible to reduce potential risks and closely monitor official updates.
Information Sharing Level: WHITE (Information content can be publicly disclosed)

[Affected Platform]
● Ivanti Connect Secure version 22.7R2.5 and earlier
● Pulse Connect Secure (End-of-Support) version 9.1R18.9 and earlier
● Ivanti Policy Secure version 22.7R1.3 and earlier
● ZTA Gateways version 22.8R2 and earlier

[Recommended Actions]
A patch has been released. If you are using any of the affected product versions listed above, please verify using the official link:
https://forums.ivanti.com/s/article/April-Security-Advisory-Ivanti-Connect-Secure-Policy-Secure-ZTA-Gateways-CVE-2025-22457?language=en_US
Current announced patch information:
● Ivanti Connect Secure: Apply the security patch released in February 2025 (22.7R2.6).
● Pulse Connect Secure 9.1x: This software has reached End-of-Support. Please contact Ivanti for migration options.
● Ivanti Policy Secure and ZTA Gateways: Security patches are under development and expected to be released on April 21 and April 19, respectively.
Use the integrity check tool provided on the official website to examine your system:
https://forums.ivanti.com/s/article/KB44755?language=en_US

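A version triage for an appliance inventory against the affected ranges listed in this alert, as an added example that is not part of the original alert or of Ivanti's tooling. The product keys, host names and inventory rows are constructed, and it assumes version strings in the `major.minorRrelease.patch` form the alert uses; it compares them numerically because plain string comparison misorders them.

```python
import re

# Highest affected version per product, taken from the alert's
# [Affected Platform] list. The dictionary keys are labels made up here.
AFFECTED_MAX = {
    "connect-secure": "22.7R2.5",
    "pulse-connect-secure": "9.1R18.9",
    "policy-secure": "22.7R1.3",
    "zta-gateway": "22.8R2",
}

_VER = re.compile(r"^(\d+)\.(\d+)R(\d+)(?:\.(\d+))?$", re.IGNORECASE)

def parse_version(text):
    """Turn '22.7R2.5' into (22, 7, 2, 5); a missing patch part counts as 0."""
    m = _VER.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(g) if g else 0 for g in m.groups())

def triage(product, version):
    """Classify one inventory row against the alert's affected ranges."""
    ceiling = AFFECTED_MAX.get(product)
    if ceiling is None:
        return "unknown"  # product is not covered by this alert
    try:
        parsed = parse_version(version)
    except ValueError:
        return "unknown"  # unparseable: check by hand, do not assume safe
    if parsed <= parse_version(ceiling):
        return "affected"
    return "above-affected-range"

def report(inventory):
    """Map each host name to its triage result."""
    return {host: triage(product, ver) for host, product, ver in inventory}

# Constructed sample inventory (hypothetical hosts and reported versions).
INVENTORY = [
    ("vpn-edge-01", "connect-secure", "22.7R2.5"),
    ("vpn-edge-02", "connect-secure", "22.7R2.6"),
    ("vpn-legacy", "pulse-connect-secure", "9.1R9.1"),  # sorts wrong as a string
    ("zta-01", "zta-gateway", "22.8R2"),
    ("nac-01", "policy-secure", "not reported"),
]

if __name__ == "__main__":
    for host, status in report(INVENTORY).items():
        print(f"{host}: {status}")
```

A row marked `unknown` needs a manual check, and the triage does not replace the integrity check tool the alert points to.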
[Reference]
https://www.twcert.org.tw/tw/cp-169-10059-bec63-1.html