This alert is relevant to Australian Organisations who utilise Ivanti products. This alert is intended to be understood by technical users.
Background
- Ivanti has released information regarding a critical unauthenticated buffer overflow vulnerability in Ivanti Connect Secure, Policy Secure and Neurons for ZTA gateways (CVE-2025-22457)
- Ivanti has observed active exploitation associated with this vulnerability.
- Affected products include:
- Pulse Connect Secure 9.1.X
- Ivanti Connect Secure (version 22.7R2.5 and earlier)
- Ivanti Policy Secure
- Neurons for ZTA gateways
- Pulse Connect Secure 9.1X is end of support as of 31 December 2024.
Mitigation / How do I stay secure?
The ASD’s ACSC recommends businesses, organisations and government entities:
- Follow Ivanti’s Security Advice for affected products.
- Ensure affected products are updated to patched versions that address this vulnerability.
- Ensure affected devices are configured in line with Ivaniti’s guidance to mitigate exploitation.
- Investigate for potential compromise of these products.
- Monitor and investigate for suspicious activity in connected environments.
For additional information, please refer to Mandiant’s related threat intelligence report.
Assistance
Organisations that have been impacted, suspect impact or require advice and assistance can contact us via 1300 CYBER1 (1300 292 371) or asd.assist@defence.gov.au.
