Current CyberSecurity Advisories

Critical vulnerabilities in Ivanti Connect Secure, Ivanti Policy Secure and Ivanti Neurons for ZTA Gateways

Release date
09 January 2025
Alert rating
Critical

Description

Ivanti has identified critical vulnerabilities affecting Ivanti Connect Secure, Ivanti Policy Secure and Ivanti Neurons for ZTA Gateways. Customers should update to available patched versions immediately and monitor Ivanti’s Security Advisory for further advice.

Audience

Small & medium businesses, Organisations & Critical Infrastructure, Government

Current update

This alert is relevant to Australian organisations that use Ivanti Connect Secure, Ivanti Policy Secure and Ivanti Neurons for ZTA Gateways. This alert is intended to be understood by technical users.

Customers are encouraged to patch to the latest version of Ivanti Connect Secure, Ivanti Policy Secure and Ivanti Neurons for ZTA Gateways, where available, and to apply the advice detailed in Ivanti’s Security Advisory.

Background / What has happened?

  • Ivanti has published a security advisory detailing two stack-based buffer overflow vulnerabilities affecting Ivanti Connect Secure, Ivanti Policy Secure and Ivanti Neurons for ZTA Gateways.
  • CVE-2025-0282 – A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.3, and Ivanti Neurons for ZTA Gateways before version 22.7R2.4 allows a remote unauthenticated attacker to achieve remote code execution.
  • CVE-2025-0283 – A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2, and Ivanti Neurons for ZTA Gateways before version 22.7R2.3 allows a local authenticated attacker to escalate their privileges.

Ivanti has identified active exploitation of CVE-2025-0282.

ASD’s ACSC has previously released a joint advisory relating to threat actors’ exploitation of Ivanti Connect Secure and Policy Secure Gateways:

Affected versions / applications:

CVE-2025-0282:

  • Ivanti Connect Secure 22.7R2 through 22.7R2.4
  • Ivanti Policy Secure 22.7R1 through 22.7R1.2
  • Ivanti Neurons for ZTA 22.7R2 through 22.7R2.3

CVE-2025-0283:

  • Ivanti Connect Secure 22.7R2.4 and prior, 9.1R18.9 and prior
  • Ivanti Policy Secure 22.7R1.2 and prior
  • Ivanti Neurons for ZTA 22.7R2.3 and prior
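
An added example, not part of the advisory or of Ivanti's tooling: a Python check that parses version strings in the form used in the lists above and reports which of the two CVEs cover a given product version. The inventory hostnames are constructed, and "and prior" is assumed to mean every earlier version.

```python
import re

_VERSION = re.compile(r"^(\d+)\.(\d+)R(\d+)(?:\.(\d+))?$")

def parse_version(text):
    """Turn '22.7R2.4' into (22, 7, 2, 4); a missing patch level counts as 0."""
    m = _VERSION.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(g or 0) for g in m.groups())

# (lowest, highest) affected versions per product, copied from the advisory.
# lowest=None encodes "and prior" (assumption: every earlier version).
AFFECTED = {
    "CVE-2025-0282": {
        "Ivanti Connect Secure": [("22.7R2", "22.7R2.4")],
        "Ivanti Policy Secure": [("22.7R1", "22.7R1.2")],
        "Ivanti Neurons for ZTA": [("22.7R2", "22.7R2.3")],
    },
    "CVE-2025-0283": {
        "Ivanti Connect Secure": [(None, "22.7R2.4"), (None, "9.1R18.9")],
        "Ivanti Policy Secure": [(None, "22.7R1.2")],
        "Ivanti Neurons for ZTA": [(None, "22.7R2.3")],
    },
}

def affected_cves(product, version):
    """Return the CVEs from this advisory whose affected range covers the version."""
    v = parse_version(version)
    return [cve for cve, products in AFFECTED.items()
            if any((low is None or parse_version(low) <= v) and v <= parse_version(high)
                   for low, high in products.get(product, []))]

# Constructed inventory for illustration; hostnames are hypothetical.
INVENTORY = [
    ("vpn-gw-01", "Ivanti Connect Secure", "22.7R2.3"),
    ("vpn-gw-02", "Ivanti Connect Secure", "22.7R2.5"),
    ("vpn-gw-03", "Ivanti Connect Secure", "9.1R18.9"),
    ("nac-01", "Ivanti Policy Secure", "22.7R1.2"),
    ("zta-01", "Ivanti Neurons for ZTA", "22.7R2"),
]

def triage(inventory):
    """Map each host to the list of CVEs that apply to its product and version."""
    return {host: affected_cves(product, version) for host, product, version in inventory}

if __name__ == "__main__":
    for host, cves in triage(INVENTORY).items():
        print(host, ", ".join(cves) or "not in an affected range")
```

A version string that does not match the expected form raises `ValueError`, so an appliance with an unreadable version is surfaced for manual review instead of being silently treated as unaffected.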

Mitigation / How do I stay secure?

The ASD’s ACSC recommends businesses, organisations and government entities:

  • Follow Ivanti’s published advice to detect and remediate affected products.
  • Patch to the latest version of affected products, where available.
    • Ivanti Connect Secure version 22.7R2.5 or later available now.
    • Ivanti Policy Secure – monitor Ivanti’s security advisory for availability. Ivanti advises that this product should not be exposed to the internet.
    • Ivanti Neurons for ZTA gateways – monitor Ivanti’s security advisory for availability. If a gateway for this solution is generated and left unconnected to a ZTA controller, then there is a risk of exploitation.
  • Monitor and investigate for suspicious activity in connected environments.

Further information and details can be found in Ivanti’s security release: Security Advisory Ivanti Connect Secure, Policy Secure & ZTA Gateways (CVE-2025-0282, CVE-2025-0283)

Assistance / Where can I go for help?

Organisations or individuals that have been impacted or require assistance can contact us via 1300 CYBER1 (1300 292 371).
