Ivanti Warns of New Zero-Day Attacks Hitting Connect Secure Product
securityweek
Embattled IT software vendor Ivanti on Wednesday raised an alarm for a pair of remotely exploitable vulnerabilities in its enterprise-facing products and warned that one of the bugs has already been exploited in the wild.
The high-severity vulnerabilities, tagged as CVE-2025-0282 and CVE-2025-0283, allow unauthenticated remote attackers to launch code execution and privilege escalation attacks.
“We are aware of a limited number of customers’ Ivanti Connect Secure appliances being exploited by CVE-2025-0282 at the time of disclosure. We are not aware of these CVEs being exploited in Ivanti Policy Secure or ZTA gateways,” Ivanti said in an advisory.
The company did not share IOCs (indicators of compromise) or other telemetry data to help defenders hunt for signs of compromise.
From the Ivanti bulletin:
CVE-2025-0282: Rated critical with a CVSS score of 9.0, this vulnerability is described as a stack-based buffer overflow that allows unauthenticated remote attackers to execute arbitrary ...
Copyright of this story solely belongs to securityweek . To see the full text click HERE