2,850+ Ivanti Connect Secure Devices Exposed to Potential Cyberattacks

A sweeping cybersecurity alert has emerged as researchers identify 2,850+ unpatched Ivanti Connect Secure devices worldwide, leaving organizations vulnerable to exploitation through the critical flaw designated CVE-2025-22467.

The findings, published by cybersecurity watchdog Shadowserver Foundation, reveal systemic risks to virtual private network (VPN) infrastructures relied upon by enterprises and government agencies for secure remote access.

We started scanning & reporting out Ivanti Connect Secure CVE-2025-22467 vulnerable (unpatched) instances in our daily feeds. ~2850 IP seen unpatched worldwide in our daily scans.

Top affected: US (852) & Japan (384)

Dashboard world map view: https://t.co/Da4ekpkJbG pic.twitter.com/AQJZC0bmHr

— The Shadowserver Foundation (@Shadowserver) February 25, 2025

Vulnerability Scope and Geographic Impact

Shadowserver’s global scans detected 852 exposed devices in the United States and 384 in Japan, making these nations the most affected by the unpatched vulnerability.

The flaw, which permits unauthorized remote code execution, remains unresolved on ...